Search squid archive

Re: transparent Proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 
[Tom replied with:] 
More information about your configuration is needed.

Are you using a transparent proxy? If not, then your users could easily
add their own proxy settings and bypass squid. If you are using squid in
transparent mode, then your firewall rules redirecting port 80 traffic
to squid are needed.

I know the topic of blocking access to anonymous proxies has been
discussed numerous times here, but nobody seems to have a solution.



here is my complete squid.conf file.....
[tarak@tarak Desktop]$ cat squid.conf | sed '/ *#/d; /^ *$/d'
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl blocksites dstdomain "/etc/squid/squid-block.acl"
acl blockfiles urlpath_regex “/etc/squid/multimedia.files.acl”
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
deny_info ERR_BLOCKED_FILES blockfiles
http_reply_access deny blockfiles
http_access deny blocksites
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl lk_network src 192.168.1.0/24
http_access allow lk_network
always_direct deny local-servers1
always_direct deny local-servers2
http_access allow localhost
http_access deny all
 http_reply_access allow all
icp_access allow all
http_port 192.168.1.3:8080 transparent
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
 cache_mem 8 MB
 cache_dir ufs /var/spool/squid 100 16 256
access_log /var/log/squid/access.log squid
 cache_log /var/log/squid/cache.log
 cache_store_log none
 logfile_rotate 7
 pid_filename /var/run/squid.pid
 log_fqdn off
 ftp_passive on
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
 cache_mgr tarak.ranjan@xxxxxxxxxxxxxxxxx
coredump_dir /var/spool/squid

----
Thanks & Regards,
______________
Tarak Ranjan Mukherjee
IS-Team

Liqwid Krystal India Pvt Ltd

T: 91 80  2509 1790 Ext. 107
E: tarak.ranjan@xxxxxxxxxxxxxxxxx
IM: reachtarak@xxxxxxxxxxx

Online Learning|Certification|Learning Solutions :
www.liqwidkrystal.com
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux