Hi, On Tue, Jul 5, 2011 at 3:01 PM, Marcin J. Kraszewski <marcin@xxxxxx> wrote: > Hi > > I will be getting rid of an old version of iPlanet Web Proxy Server. I > would like to replace it with squid. I don't have any experience with > squid, so here are a few questions regarding its capabilities. > > I need to do the following: > > . limit access to documents or sites based on individual users, groups, > IP addresses, host names or wild card expressions http://wiki.squid-cache.org/HelpOnAccessControlLists > . route traffic to appropriate web site or proxy server Routing to web site is a basic operation, no need for special config For proxy-to-proxy routing, you can see http://wiki.squid-cache.org/Features/CacheHierarchy or more in general http://wiki.squid-cache.org/?action=fullsearch&context=180&value=cache_peer&fullsearch=Text > . filter objectionable URLs and content, including viruses, HTML tags > and ActixeX content You need an ICAP service for that. There are many commercial and some free offerings for that. > . reduce network traffic by caching Basic built-in feature. > I have three networks separated by a firewall running HTTP Proxy. > Traffic from each of the networks goes through that firewall and then > is chained to the DMZ Proxy Server (squid) before being routed to the > appropriate web server (no Internet access). > > Is squid a good match for this project? Thank you very much for your > input. I don't know if I'd run a proxy on the firewall, but if it fits your performance needs, certainly. Are you running a transparent proxy or is it just hosted on the same machine as the firewall? -- /kinkie
