Thanks. that will help.
On Wed, Feb 29, 2012 at 5:47 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On 1/03/2012 12:42 a.m., Muhammad Yousuf Khan wrote:
>>
>> Thanks, it means i have to shift it back to proxy mode. since i am
>> still using it on testing environment it wouldn't be an hurdle for me.
>
>
> "back"? Squid since version 2.6 have been able to open multiple ports
> simultaneously. Several traffic modes entering one proxy is pretty common
> these days.
>
> The advised best-practice for a portal proxy installation is to layer the
> modes.
> With regular forward-proxy ports available. And WPAD/PAC deployed to the
> network to encourage their use as much as possible.
> Then interception as a backup method of receiving the traffic. With NAT or
> TPROXY deployed to catch port 80 and maybe 443/HTTPS if your locale can do
> that.
> Then firewall rules deployed to control what the proxy does not or cannot
> do (for example the rules Naira mentioned).
>
> There are also a few other tricks like dnsmasq and a reverse-proxy port
> amongst the interception tools if you get desperate.
>
> Amos
>
Received on Wed Feb 29 2012 - 14:11:50 MST
This archive was generated by hypermail 2.2.0 : Wed Feb 29 2012 - 12:00:06 MST