Re: [squid-users] Question about configuration directive http_port

From: Matus UHLAR - fantomas <uhlar_at_fantomas.sk>
Date: Thu, 20 Oct 2011 11:26:59 +0200

On 17.10.11 11:25, - Mikael - wrote:
>Date: Mon, 17 Oct 2011 11:25:03 -0700
>From: - Mikael - <funactivities_at_gmail.com>
>To: squid-users_at_squid-cache.org
>Subject: Re: [squid-users] Question about configuration directive http_port

Please post new mail with proper subject, if you are asking a new
question. Some mail clients can do threading which has many advantages
(and many disadvantages if you break it).

>What are the benefits of having Squid on the LAN?

caching, mostly, and better control over the content (e.g. ICAP to
filter viruses etc)

>Our firewall (Sonicwall NSA) explicitly forbids proxies on the LAN for
>some reason.

I guess it's because it's hard to distinguish users behind a proxy.
You probably could configure your firewall to allow having proxy on
machine you maintain.

>The firewall will forward all traffic to Squid only if its on public IP address.

you can also have squid on your network behind firewall, although it
will probably see NATted address.
  
>This is how we are setup right now:
>(LAN) -> (Sonicwall firewall, NAT, DPI, DHCP) -> (Squid) -> WWW
>WAN routing is done by the ISP's router that's on site.
>Latency from LAN to Squid box is <1ms.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)
Received on Thu Oct 20 2011 - 09:27:09 MDT

This archive was generated by hypermail 2.2.0 : Thu Oct 20 2011 - 12:00:03 MDT