On 22/06/11 11:08, Martin Lukeš wrote:
Hi Hasanen, I'm not familiar with Squid yet, hence I'm not sure if I understand you right. Maybe this will clarify my situation. I manage tens of student computers. Until now on my server I used Privoxy to filter out explicit websites (porn, etc.). Unfortunately some of these students figured out how to disable proxy which was set on these computers, since on OSes we use there is no way how to prevent them to do so. Last line of "defense" remains DNS which system prevents them to change. This is why I want DNS to filter these sites. OOOH! Can Squid even be set like DNS server?
Do you have control over the firewall/gateway? If so, just deny port 80 and 443 connections from any host other than the proxy.
If not then even the DNS server approach would be easy to circumvent as the users could just change the DNS servers on the client.
Cheers Alex
