Re: [squid-users] what type of proxy do I need ?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 03 Mar 2012 00:41:31 +1300

On 2/03/2012 11:37 p.m., J. Bakshi wrote:
> Hello list,
>
> I have a debian server which works as a gateway as well as web server of our organization.
> We use the web server as local web development server. Hence the gateway and the web-server IP is same.
>
> I like to restrict some internet sites where squid becomes very handy. I have two problems here.
>
> [1] Can I configure squid such a way where it just operates on WAN ethernet card,

Please explain a bit about what you mean by "operates on WAN ethernet
card". The card does not run software, so you can't be meaning the
obvious interpretation.

> without any
> required settings from user-end ?
Yes. But _how_ depends on where the users are.

> So users can browse the locally available sites without any
> modification at network settings and when they go to internet the squid comes in between and
> restrict the defined sites ?

I'm reading that as saying the users are internal. So you want Squid
operating with both forward-proxy and interception proxy mode ports.

Here is the recommended network configuration for a gateway proxy such
as yours. These guidelines are designed for minimal trouble both to
users and to network admin
http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers#Recommended_network_configuration

Each of the layers has different ways to configure bypasses for your
local servers. Although Squid can act as a reverse-proxy to them easily.
So you may not in the end want to do any bypass.

>
> [2] can I restrict the sites based on time ? Say youtube is again available after 7 pm ?

Once the traffic is in the proxy, yes. With limitations. Namely that
ACLs are only tested at certain points of the transaction, such as when
a new request is made. A transfer which is already happening when your
time boundary changes from allowed to denied will not be stopped. Only
new ones started during the deny period

>
> Please give some focus on these issues as I have little knowledge about squid.

The place to start getting to know Squid is
http://wiki.squid-cache.org/SquidFaq

Enjoy
Amos
Received on Fri Mar 02 2012 - 11:41:38 MST

This archive was generated by hypermail 2.2.0 : Fri Mar 02 2012 - 12:00:02 MST