On Sat, 03 Mar 2012 00:41:31 +1300 Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > On 2/03/2012 11:37 p.m., J. Bakshi wrote: > > Hello list, > > > > I have a debian server which works as a gateway as well as web server of our organization. > > We use the web server as local web development server. Hence the gateway and the web-server IP is same. > > > > I like to restrict some internet sites where squid becomes very handy. I have two problems here. > > > > [1] Can I configure squid such a way where it just operates on WAN ethernet card, > > Please explain a bit about what you mean by "operates on WAN ethernet > card". The card does not run software, so you can't be meaning the > obvious interpretation. Actually the local gateway ( also the development server ) has two lan card. One is connected with LAN and the other is with WAN > > > without any > > required settings from user-end ? > Yes. But _how_ depends on where the users are. > The users are both linux and window users. > > So users can browse the locally available sites without any > > modification at network settings and when they go to internet the squid comes in between and > > restrict the defined sites ? > > I'm reading that as saying the users are internal. So you want Squid > operating with both forward-proxy and interception proxy mode ports. > > Here is the recommended network configuration for a gateway proxy such > as yours. These guidelines are designed for minimal trouble both to > users and to network admin > http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers#Recommended_network_configuration > > Each of the layers has different ways to configure bypasses for your > local servers. Although Squid can act as a reverse-proxy to them easily. > So you may not in the end want to do any bypass. > > > > > [2] can I restrict the sites based on time ? Say youtube is again available after 7 pm ? > > Once the traffic is in the proxy, yes. With limitations. Namely that > ACLs are only tested at certain points of the transaction, such as when > a new request is made. A transfer which is already happening when your > time boundary changes from allowed to denied will not be stopped. Only > new ones started during the deny period > I see... > > > > Please give some focus on these issues as I have little knowledge about squid. > > The place to start getting to know Squid is > http://wiki.squid-cache.org/SquidFaq > Thanks
