From: Alex Boag-Munroe (ajbm@ntlworld.com)
Date: Thu Nov 16 2000 - 21:57:06 PST
The simplest way to do this, is:
Add a rule to pmfirewall that only allows traffic in and out on port 80 to
your server, and disallow it from all the other machines on your network.
Just then make sure that your clients talk to port 8080 or 3128 or something
on Squid.
That way, if they turn off the proxy, they won't get out.
Ta
Alex
On Friday 17 November 2000 04:47, you wrote:
> > Hello.
>
> I'm not sure if this is to the correct list or not, but I'll try it here
> first. I currently have a squid proxy server running on the same box as
> pmfirewall as a gateway out to the 'net. Currently, the clients are
> configured to use the proxy server, but if they bypass the proxy, they can
> get out freely. My question is this: if I turn off masq'ing completely,
> will the proxy still handle the http traffic? I know that this will stop
> all other traffic from getting out, but that is not a major deal. The main
> concern is the http traffic and being able to control who gets access and
> who doesn't.
>
> Thanks,
>
> Sean
----------------------------------------
Content-Type: text/html; charset="iso-8859-1"; name="Attachment: 1"
Content-Transfer-Encoding: quoted-printable
Content-Description:
----------------------------------------
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:37:52 PDT