On 5/25/21, Antony Stone <Antony.Stone@xxxxxxxxxxxxxxxxxxxx> wrote: > On Tuesday 25 May 2021 at 07:51:21, Albretch Mueller wrote: > >> As part of a teaching and learning (TaL)/school software, I need squid: >> >> a) to detect one of the connected computers in an internal network >> comprising wirelessly connected and wired computers as the "master" >> (operated by the teacher); > What information is available to Squid in order to "detect" that this is the > "master" machine? I think a combination of cookies, its mac address and, when both fail, authentication. Wouldn't that be enough?, perhaps with an extra proxy server? My main problem is that I don't want for students boxes to be prompted for or trying to initiate an authentication and I don't know of a fool proof way of achieving that. If possible, all students' business should let go through with squid serving as transparent proxy. Probably squid could cache that request as local files to the extent that it can and just redirect the requests of students' clients as references to that file using an ICAP server somehow? >> b) when that master reach out to an outside URL, the response should >> be replicated in that master's and all other internal computers; but > > What do you mean by "the response should be replicated in ... all other > internal computers"? that the initial request by the teacher should be received as response by all students > Are you assuming that these computers are already running a browser, Well, technically, I think we could assume that, why would that be problematic? How bad would if be if they are not running a browser, you could interrupt an initiated request, you could even shot down your computer in the middle of a download or transaction without a problem. Why would that be that difficult? or, was is it exactly I am not getting right? > that > they should suddenly get some (apparently) web server response via Squid and > display it, even though they did not make any request? > If so, I would say this is impossible - you can't get a computer to show a > response to a request it did not make. Yes, this is what I meant, why is that so hard? Again, my forte is not networking, but I could see how the requested file could be cached and forwarded to all student boxes. Perhaps using an ICAP server. >> c) responses to requests originating in the non master ("slave"?) >> ends, return to their corresponding ends; > > So, any computer other than the "master" simply makes requests and gets > standard responses as usual. Fie. Yes, once you know the request originated in the non master machine, it would go back to the initiating client. Again, why would that be that problematic? >> d) at times the master should be able to switch off that replicating >> feature; > > What times? Teacher may decide to "privately" check out some information by herself without it being displayed on all students' ends or even concurrently open another "private" browser window. > How? This is what I don't know but I think (probably somewhat naively) it shouldn't be that hard. Again, session tracking via cookies or URL rewriting, maybe? > I really think you need to explain this "replicating > feature" in more detail (and preferably in network terms, from the point of > view of the software running on the master, and the software running on a > non-master. I am not a networking guy but probably you could point out to me some related documents explaining specifically the kinds of problematics around these kinds of issues. >> e) more than one or all computers should be able to play "master"; > > I repeat my first question - what information is available to Squid in order > to > "detect" that this is the "master" machine? I think I answer that in §a. Again, why would that be that hard? >> f) all other "slave" should operate in a "transparent proxy" mode; > > Are you including SSL in this? Yes, if possibly, all kinds of communications, but just http (no encryption) for the student client machines would be fine. >> g) on a single computer, someone could use different >> browsers/versions to do a-f ... >> >> I have seen that partially implemented one way or the other, however >> I need to integrate/manage all parts as part of an integrated whole. > >> So, my questions could be reduced to: which exactly are the >> configuration lines that should be changed in both squid and the >> browsers on the connected computers or the different browsers in the >> same computer? > > I think this request is (a) a *lot* more complicated than this, and probably > a > lot more complicated than you think it is, and (b) in parts, impossible. I am squarely OK with "lots of complication" and as I said, you might not be able to completely and directly implement all aspects using squid, but what aspects of that integrated whole do you think are impossible? lbrtchx _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users