Re: [squid-users] How to prevent anwanted bypassing squid by network users trhough browser set-up

On Monday 29 September 2003 2:00 pm, Datareactor wrote:

> if you have router you can implement wccp on it
> to forward your port 80 request to squid proxies
> then your rules will be applied .

> no need to put proxy in their browser.

Yes, but transparent proxying doesn't work as well as true proxying - it is
not a recommended configuration, even though it's possible.

Better to configure the browsers to correctly use a proxy than to have users
complain that the system doesn't work properly.

Regards,

Antony.

> ----- Original Message -----
> From: "Manuel Schroeder" <masch@center-net.de>
> To: <squid-users@squid-cache.org>
> Sent: Monday, September 29, 2003 5:40 PM
> Subject: [squid-users] How to prevent anwanted bypassing squid by network
> users trhough browser set-up
>
> > Hi,
> >
> > we want to disable our network users to access their private webmail
> > etc. from the office. So I did successfully made an acl dstdomain
> > ....... and made squid also taking care about port 80.
> >
> > But my obvious concern is that our clever users will setup their
> > browsers back NOT to use our proxy but to go to the internet DIRECTLY as
> > usual in former times on port 80 without proxy use. %) I did hope the
> > above (also looking at port 80) would prevent them from but sorry to say
> > it does not. 8(
> >
> > But by doing so all my wonderfull filter rules in squid will be
> > bypassed! :(
> >
> > How can I make squid to block browsers coming on port 80 in "no proxy
> > mode"?! :)
> >
> > Manuel

-- 
If you think you see a Heffalump in a trap,
make sure it isn't really a Bear with an empty honey jar stuck on his head.