Thanks. that will help. On Wed, Feb 29, 2012 at 5:47 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > On 1/03/2012 12:42 a.m., Muhammad Yousuf Khan wrote: >> >> Thanks, it means i have to shift it back to proxy mode. since i am >> still using it on testing environment it wouldn't be an hurdle for me. > > > "back"? Squid since version 2.6 have been able to open multiple ports > simultaneously. Several traffic modes entering one proxy is pretty common > these days. > > The advised best-practice for a portal proxy installation is to layer the > modes. > With regular forward-proxy ports available. And WPAD/PAC deployed to the > network to encourage their use as much as possible. > Then interception as a backup method of receiving the traffic. With NAT or > TPROXY deployed to catch port 80 and maybe 443/HTTPS if your locale can do > that. > Then firewall rules deployed to control what the proxy does not or cannot > do (for example the rules Naira mentioned). > > There are also a few other tricks like dnsmasq and a reverse-proxy port > amongst the interception tools if you get desperate. > > Amos >
