[PLUG] Linux Based Proxy Firewall solution

Pranav Peshwe pranavpeshwe at gmail.com
Wed Mar 18 23:22:06 PDT 2009


On Thu, Mar 19, 2009 at 4:50 AM, Kulkarni Shantanu <
linux at shantanukulkarni.org> wrote:

> * Pranav Peshwe <pranavpeshwe at gmail.com> [090319 10:11]:
> > However, an issue in introducing a proxy server is, all the browsers for
> all
> > the users on all the machines have to be updated to use the proxy, lest
> some
> > user might get a surprise. But, this is not too much work if the
> deployment
> > is small or the users themselves are techy.
>
>
> not necesarily, use in transparent proxy mode with iptables redirecting
> outgoing port 80 (and all required) to local squid cache transparently
> to users.
>
> > I guess, if he has a firewall setup at the gateway, then he can block
> > internet traffic to other websites without having to put a proxy. That
> will
> > do away the browser and proxy configuration.
>
> not a good idea to block by IP, plus with squid you get caching and fine
> control too.


Agreed. Also, since they are going to access only a single website, the
caching might turn out to be more effective than usual.

Thanks.

- Pranav


More information about the plug-mail mailing list