Re: Nice init script for firewall to force users through squid

[Jürgen Leibner <juergen.leibner@t-online.de>]

Am Sonntag, 6. Juli 2008 schrieb julidaoc@online.de:
> Hello,
>
> I just made this init script which prevents non-root users from
> bypassing your squid proxy :
------8<---------------------------
Hello,

my opinion is, that the network infrastructure of Debian-Edu is the main 
reason for the need of having scripts like you provided here.

The network infrastructure depends on a gateway staying in the network 
like any other host. So every workstation is able to go through it 
without noticed by tjener. This shows, that the rules for controlling 
the Debian-Edu network have to be on that gateway.

I think that there should be a profile on the install-disk for setting 
up a pc as a gateway, which is preconfigured for the use with 
Debian-Edu. It should be integrated in the LDAP-infrastructure to see 
user, groups, machines a.s.o. and having a simple GUI for deploying 
restrictions and rules in an easy way for admins and/or teachers.

It would be great, to get such a profile being combinable with the 
main-server and the LTSP profile, so that there are at least 3 NICs on 
such a superserver needed.

-- 
Greetings, Jürgen Leibner