[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Squid proxy thoughts


I have some questions to the use of proxy on the tjener. Atm Skolelinux 7, the use of netgroups to block access to internet is not working. The need to be able to lock sertain clients away from normal internet access, and maybe still be able to access some central exam autority site, is ugent. I have tried to set up my firewall, pfSense, to do the job, but since the automatic proxysetup in skolelinux is set to use the squid install on tjener as proxy, i cant make it work. All trafic that my pfSense sees is the trafic from tjener ( I have asked in the irc channel on this, and got the answeer to use wpad-file to stear clients to my pfSense box as proxy rather than tjener. Ive tried to set this up on tjener and on the ltsp equivalent to no use. All clients are still locked to tjener as proxy.

I have 2 senarios/sugestions that is valid.
1. Get in place a decent way to administrate the proxy setup, blacklist, and so on, on tjener. (preferably through gosa) 2. Remove the use/need of proxy on tjener and let a dedicated firewall do the job.

I would prefear the first alternative, but the second holds some advantages too. The 2nd will ease the load on tjener quite a bit. pfSense, for one, has a very nice way to do this, and can be integradet to tjener's ldap for easier administration.

Kindly Regards
Helge Tore Høyland

Reply to: