Remove the default gateway so nobody can get to the internet unless they go through the proxy. I've had my network set that for 9 years and nobody has ever noticed. Jason ..·><((((º> > -----Original Message----- > From: Boniforti Flavio [mailto:flavio@xxxxxxxxxxx] > Sent: Wednesday, May 05, 2010 11:21 AM > To: squid-users@xxxxxxxxxxxxxxx > Subject: Best policy to allow only proxy surfing > > > Hello everybody. > > I've set up a proxy at a customers' site and set up an ACL to > block some > domains (first of all facebook.com). > > Now some clever users have discovered that they can use > foreing external > proxies to avoid filtering. > > What I was thinking to do, is to enable on my firewall > LAN-->WAN *only* > my proxy's IP address, but the question is: how would I have > to proceed, > as the client PCs still could be set their proxy settings?! > > Kind regards, > Flavio Boniforti > > PIRAMIDE INFORMATICA SAGL > Via Ballerini 21 > 6600 Locarno > Switzerland > Phone: +41 91 751 68 81 > Fax: +41 91 751 69 14 > URL: http://www.piramide.ch > E-mail: flavio@xxxxxxxxxxx > This message has been scanned for malware by Websense. www.websense.com
