Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Albretch Mueller
On 5/25/21, Antony Stone  wrote:
> I've returned to your original question here, after discussing several
> points
> already in some detail, and I can't help wondering - why are you trying to
> do
> all this in browsers and web proxies, by manipulating network communications
> in ways that were not intended?

> That would seem to me to be a far simpler solution to your requirement,
> assuming I have now correctly understood that you essentially want a teacher
> to share their screen with the students, and for the students not to be able
> to "wander off on their own" into the general Internet.

 Unfortunately (or, probably, actually fortunately!) most of the
information out there is on the web and virtually anyone relates to it
naturally as their first step/view out there, but the web has become
way too wild to invite it into a TaL environment. I think "the best
possible world" we could possibly benefit from when it comes to the
web is by doing your best at "cutting the crap" in the most
functional, least taxing way you possibly could. Also, content on the
web changes in its own unpredictable ways and even subject matter
experts (with more than one responsibility) can't keep up with its
content. Yet, I do think that there are ways to do that by (a more or
less explicit description of what I have in mind):

 a) teacher has lesson plan(s) which include links to the web

 b) those links include pages on the web, which content she could
sanitize by "simply" clicking on the upper left and lower right corner
of the content area (firefox' js-based page reader isn't that great),
just clicking on the first of a number of linked pages (they do such
idiotic things to make you watch their ads) ... just two or three
clicks on pages you have on your field of view at this very moment,
anyway. That feature can be easily programmed based on a JavaFX
Webview, which would internally parse the page in an XPath kind of way
and "automatically" submit that XML-ish data to some sort of DB which
an ICAP server uses for its own parsing logic, for it to "know" what
to do with responses relating to such requested URLs ...

> Why not give the students a video conferencing / screen sharing application
> such as MS Teams, Jitsi, Zoom, etc and then block them from accessing
> websites
> during lessons?

 I (personally and generally) find those video conferencing/screen
sharing applications way too taxing for busy teachers and too
constraining for students. You would have to rewrite your lesson
plans, redesign your presentations. Also, all forms of communications
have their own intersubjective aspects. You can't reasonably expect to
regiment a class as if it were a marching squadron. Students have
their own ways to direct their own conscious attention, take thinking
pauses, … as they interact with their learning environments.

 lbrtchx
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Antony Stone
On Tuesday 25 May 2021 at 07:51:21, Albretch Mueller wrote:

>  As part of a teaching and learning (TaL)/school software, I need squid:
> 
>  a) to detect one of the connected computers in an internal network
> comprising wirelessly connected and wired computers as the "master"
> (operated by the teacher);
> 
>  b) when that master reach out to an outside URL, the response should
> be replicated in that master's and all other internal computers; but
> 
>  c) responses to requests originating in the non master ("slave"?)
> ends, return to their corresponding ends;
> 
>  d) at times the master should be able to switch off that replicating
> feature;
> 
>  e) more than one or all computers should be able to play "master";
> 
>  f) all other "slave" should operate in a "transparent proxy" mode;
> 
>  g) on a single computer, someone could use different
> browsers/versions to do a-f ...

I've returned to your original question here, after discussing several points 
already in some detail, and I can't help wondering - why are you trying to do 
all this in browsers and web proxies, by manipulating network communications 
in ways that were not intended?

Why not give the students a video conferencing / screen sharing application 
such as MS Teams, Jitsi, Zoom, etc and then block them from accessing websites 
during lessons?

They are required to use the screen sharing application in order to see what 
the teacher is showing them during the lesson (are the days of video 
projectors and intelligent whiteboards already over?), and they are not 
allowed to play around on their own (are these devices their own personal 
equipment, or are they supplied and managed by the school?) using the school's 
networking resources.

That would seem to me to be a far simpler solution to your requirement, 
assuming I have now correctly understood that you essentially want a teacher 
to share their screen with the students, and for the students not to be able 
to "wander off on their own" into the general Internet.


Antony.

-- 
Users don't know what they want until they see what they get.

   Please reply to the list;
 please *don't* CC me.


Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Matus UHLAR - fantomas

> On 5/25/21, Matus UHLAR - fantomas  wrote:
>> as first I'd like to note that squid is a HTTP/FTP proxy, not a port
>> forwarder (see Subject)
>>
>> squid also does not actively distribute content.
>> It can fetch and cache it, but the rest is on you.
>>
>> and according to your description, most of the work is on you.
>
> Well, yes that I see. I ask here because the most important part of
> what I have in mind is squid in tandem with an ICAP plugin, so you
> should know best about technologies around it. I am not asking for you
> to do such thing or change the design of squid for me.
>
>>> Probably, all the functional requirements relating to what I have
>>> described cannot straightforwardly be done with squid, but there should
>>> be a way to use other applications' output to dynamically reconfigure:
>>>
>>> /etc/squid/squid.conf
>>>
>>> So, my questions could be reduced to: which exactly are the
>>> configuration lines that should be changed in both squid and the
>>> browsers on the connected computers or the different browsers in the
>>> same computer?
>>
>> this apparently means that all squid caches running on their machines will
>> transparently intercept outgoing port 80 connections. Should be easier on
>> local machine.
>>
>> https://wiki.squid-cache.org/SquidFaq/InterceptionProxy
>>
>> note that intercepting HTTPS (port 443) is much more work and issues than
>> port 80 (http).

On 25.05.21 10:14, Albretch Mueller wrote:
> I was actually thinking in terms of some sort of "squid caching
> sessions" instead of having squid running on all local machines, but I
> have to think more about why you have suggested such a solution (or
> possibly misinterpreted my idea)


your description sounded like running caching squid on each machine ("all
other internal computers")

Also, it's much easier to do intercepting proxy on local machine, as you
don't have to play with routing (which is required for intercepting
connections).

Also, it's easier to reconfigure multiple squid caches on multiple computers
than (tons of) different clients on each computer...

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization.


Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Albretch Mueller
On 5/25/21, Matus UHLAR - fantomas  wrote:
> as first I'd like to note that squid is a HTTP/FTP proxy, not a port
> forwarder (see Subject)
>
> squid also does not actively distribute content.
> It can fetch and cache it, but the rest is on you.
>
> and according to your description, most of the work is on you.

 Well, yes that I see. I ask here because the most important part of
what I have in mind is squid in tandem with an ICAP plugin, so you
should know best about technologies around it. I am not asking for you
to do such thing or change the design of squid for me.

>> Probably, all the functional requirements relating to what I have
>>described cannot straightforwardly be done with squid, but there should
>>be a way to use other applications' output to dynamically reconfigure:
>>
>> /etc/squid/squid.conf
>>
>> So, my questions could be reduced to: which exactly are the
>>configuration lines that should be changed in both squid and the
>>browsers on the connected computers or the different browsers in the
>>same computer?
>
> this apparently means that all squid caches running on their machines will
> transparently intercept outgoing port 80 connections. Should be easier on
> local machine.
>
> https://wiki.squid-cache.org/SquidFaq/InterceptionProxy
>
> note that intercepting HTTPS (port 443) is much more work and issues than
> port 80 (http).

 I was actually thinking in terms of some sort of "squid caching
sessions" instead of having squid running on all local machines, but I
have to think more about why you have suggested such a solution (or
possibly misinterpreted my idea)

 lbrtchx


Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Albretch Mueller
On 5/25/21, Antony Stone  wrote:
> On Tuesday 25 May 2021 at 14:36:09, Albretch Mueller wrote:
>
>> On 5/25/21, Antony Stone  wrote:
>> > On Tuesday 25 May 2021 at 07:51:21, Albretch Mueller wrote:
>> >>  As part of a teaching and learning (TaL)/school software, I need
>> >> squid:
>> >>
>> >>  a) to detect one of the connected computers in an internal network
>> >> comprising wirelessly connected and wired computers as the "master"
>> >> (operated by the teacher);
>> >
>> > What information is available to Squid in order to "detect" that this is
>> > the "master" machine?
>>
>> I think a combination of cookies,
>
> What system generates / checks the cookies?

 OK, I am just guessing here in the direction I'd wish that
implementation would go, but probably an intermediate proxy or
another running instance internally running an ICAP server should be
used?

> What URL are the cookies associated with in the browser?

 OK, again ;-), here I clearly see your point, but the communication
associated with certain computers could be handled differently based
on other authenticating aspects. Also, say, teachers have their own
dedicated tablets, we know the time frames in which classes run in
each classroom...

>> its mac address and, when both fail, authentication.
>
> Ah, some form of authentication, where the master user has to log in to
> something, would certainly be effective.  It was just the way you used the
> word
> "detect" that made me think this should be some action on the part of Squid
> independently of what the master machine user was doing.

 So, that issue we could see as checked.

>> Wouldn't that be enough?, perhaps with an extra proxy server?
>
> Perhaps with an extra *web* server (for authentication), yes, but where
> would
> an extra proxy server point to?

 [teacher] |\  /|
...| .>.[extra proxy server*2].<.>.[squid server + ICAP].<. | Internet
[students] |/  \|

 * [2] extra proxy server discriminating between communications
started by the teacher or server
 * extra ICAP server used to do some page content marshalling, e.g.:
if a youtube video is accessed, students would see only a page with
all the js crap removed and a link pointing to a local file with the
video (which, of course, could have been pre downloaded)

>> My main problem is that I don't want for students boxes to be prompted for
>> or trying to initiate an authentication and I don't know of a fool proof
>> way
>> of achieving that.
>
> How about the teacher accesses a URL that the students don't know, or at
> least
> are not supposed to access, and it is that URL which prompts the teacher to
> authenticate?

 You are not a teacher, right? ;-) or at least not a teacher in the
40's section of the South Bronx in NYC. I think it would be much
better if the teacher carries around something (probably, just her
face and/or fingerprints? which could be checked via biometrics, the
webcam on her tablet). In a school (kind of like in a prison) keeping
protected functional spaces vertically disentangled is very important.

>> If possible, all students' business should let go through with squid
>> serving
>> as transparent proxy.
>
> That's just down to your networking configuration.

 Great!

>> Probably squid could cache that request as local files to the extent
>> that it can and just redirect the requests of students' clients as
>> references to that file using an ICAP server somehow?
>
> So, the student asks for the Wikipedia article on Amethyst and finds that
> their
> browser shows them the web page the teacher is looking at instead?
>
> I think there's no way you're going to achieve this sort of thing with the
> current popularity of SSL/TLS.

 No, I don't see things happening in that way. There are certain
moments during the class in which students can "freely" access the
Internet, but teacher should be able to direct the class. So her inet
request trumps whatever the students may be attempting to do.

 Yes, it seems to be a bit fascist, but I do believe we should offer
kids with a safe learning environment while in school. They will have
enough time to watch all that crappy nonsense floating around outside
of the school for the rest of their lives.

>> >>  b) when that master reach out to an outside URL, the response should
>> >> be replicated in that master's and all other internal computers; but
>> >
>> > What do you mean by "the response should be replicated in ... all other
>> > internal computers"?
>>
>>  that the initial request by the teacher should be received as
>> response by all students
>
> Response to what?

 response to the initial teacher request

>> > Are you assuming that these computers are already running a browser,
>>
>> Well, technically, I think we could assume that, why would that be
>> problematic? How bad would it be if they are not running a browser,
>> you could interrupt an initiated request, 

Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Matus UHLAR - fantomas

On 25.05.21 01:51, Albretch Mueller wrote:

> Subject: [squid-users] (possibly dynamic?) multiple port forwarding in the
> same internal Network ...
>
> As part of a teaching and learning (TaL)/school software, I need squid:

as first I'd like to note that squid is a HTTP/FTP proxy, not a port
forwarder (see Subject)

> a) to detect one of the connected computers in an internal network
> comprising wirelessly connected and wired computers as the "master"
> (operated by the teacher);
>
> b) when that master reach out to an outside URL, the response should
> be replicated in that master's and all other internal computers; but

squid also does not actively distribute content.
It can fetch and cache it, but the rest is on you.

and according to your description, most of the work is on you.

> c) responses to requests originating in the non master ("slave"?)
> ends, return to their corresponding ends;
>
> d) at times the master should be able to switch off that replicating feature;
>
> e) more than one or all computers should be able to play "master";
>
> f) all other "slave" should operate in a "transparent proxy" mode;
>
> g) on a single computer, someone could use different
> browsers/versions to do a-f ...
>
> I have seen that partially implemented one way or the other, however
> I need to integrate/manage all parts as part of an integrated whole.
>
> I could imagine these kinds of setups being used in TaL and
> conferencing environments, as well as in testing environments and, for
> example, §a could be achieved with the mac address and/or cookies, but
> someone could run macchanger and delete all cookies in their browser,
> so an extra authentication barrier should be used, which I see as the
> only fool proof way of setup and know who the masters are, or? How
> could disable slave ends from authenticating? I am not a networking
> kind of guy, so I am not quite sure about the kind of scenarios that
> could play out in those kinds of dynamic "master"/"slaves" setups.
>
> Probably, all the functional requirements relating to what I have
> described cannot straightforwardly be done with squid, but there should
> be a way to use other applications' output to dynamically reconfigure:
>
> /etc/squid/squid.conf
>
> So, my questions could be reduced to: which exactly are the
> configuration lines that should be changed in both squid and the
> browsers on the connected computers or the different browsers in the
> same computer?

this apparently means that all squid caches running on their machines will
transparently intercept outgoing port 80 connections. Should be easier on
local machine.

https://wiki.squid-cache.org/SquidFaq/InterceptionProxy

note that intercepting HTTPS (port 443) is much more work and issues than
port 80 (http).

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers.


Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Antony Stone
On Tuesday 25 May 2021 at 14:36:09, Albretch Mueller wrote:

> On 5/25/21, Antony Stone  wrote:
> > On Tuesday 25 May 2021 at 07:51:21, Albretch Mueller wrote:
> >>  As part of a teaching and learning (TaL)/school software, I need squid:
> >>  
> >>  a) to detect one of the connected computers in an internal network
> >> comprising wirelessly connected and wired computers as the "master"
> >> (operated by the teacher);
> > 
> > What information is available to Squid in order to "detect" that this is
> > the "master" machine?
> 
> I think a combination of cookies,

What system generates / checks the cookies?

What URL are the cookies associated with in the browser?

> its mac address and, when both fail, authentication.

Ah, some form of authentication, where the master user has to log in to 
something, would certainly be effective.  It was just the way you used the word 
"detect" that made me think this should be some action on the part of Squid 
independently of what the master machine user was doing.

> Wouldn't that be enough?, perhaps with an extra proxy server?

Perhaps with an extra *web* server (for authentication), yes, but where would 
an extra proxy server point to?

> My main problem is that I don't want for students boxes to be prompted for
> or trying to initiate an authentication and I don't know of a fool proof way
> of achieving that.

How about the teacher accesses a URL that the students don't know, or at least 
are not supposed to access, and it is that URL which prompts the teacher to 
authenticate?

If the students go to that URL then they will also be prompted to 
authenticate, but in general they will not.

> If possible, all students' business should let go through with squid serving
> as transparent proxy.

That's just down to your networking configuration.

> Probably squid could cache that request as local files to the extent
> that it can and just redirect the requests of students' clients as
> references to that file using an ICAP server somehow?

So, the student asks for the Wikipedia article on Amethyst and finds that their 
browser shows them the web page the teacher is looking at instead?

I think there's no way you're going to achieve this sort of thing with the 
current popularity of SSL/TLS.

> >>  b) when that master reach out to an outside URL, the response should
> >> be replicated in that master's and all other internal computers; but
> > 
> > What do you mean by "the response should be replicated in ... all other
> > internal computers"?
> 
>  that the initial request by the teacher should be received as
> response by all students

Response to what?

> > Are you assuming that these computers are already running a browser,
> 
> Well, technically, I think we could assume that, why would that be
> problematic? How bad would it be if they are not running a browser,
> you could interrupt an initiated request, you could even shut down
> your computer in the middle of a download or transaction without a
> problem. Why would that be that difficult? or, what is it exactly I am
> not getting right?

I'm asking "what application is going to receive this "response" sent by 
Squid, and be expecting it so that it can process it and display it to the 
user?"

You can't just send a chunk of HTML to a computer over the network and expect 
a browser window to suddenly appear and display it.

Aside from anything else, you have to get a TCP session going in the first 
place.

> > that they should suddenly get some (apparently) web server response via
> > Squid and display it, even though they did not make any request?
> > 
> > If so, I would say this is impossible - you can't get a computer to show
> > a response to a request it did not make.
> 
> Yes, this is what I meant, why is that so hard?

a) the client (user's computer) did not open a TCP session to anything (either 
Squid, or a web server), so it's not going to accept TCP "replies"

b) the client did not send an HTTP request to anything, so it's not going to 
accept some HTML which simply turns up on its network port

> Again, my forte is not networking, but I could see how the requested file
> could be cached and forwarded to all student boxes. Perhaps using an ICAP
> server.

You can modify a request sent from the client, or you can modify a response 
sent back from a server, but you cannot simply send a response to a machine 
which did not make a request.

> >>  c) responses to requests originating in the non master ("slave"?)
> >> ends, return to their corresponding ends;
> > 
> > So, any computer other than the "master" simply makes requests and gets
> > standard responses as usual.  Fine.
> 
> Yes, once you know the request originated in the non master machine,
> it would go back to the initiating client. Again, why would that be
> that problematic?

That is not problematic - it's fine.

> >>  d) at times the master should be able to switch off that replicating
> >> feature;
> > 
> > What times?
> 
> Teacher may decide to 

Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Albretch Mueller
On 5/25/21, Antony Stone  wrote:
> On Tuesday 25 May 2021 at 07:51:21, Albretch Mueller wrote:
>
>>  As part of a teaching and learning (TaL)/school software, I need squid:
>>
>>  a) to detect one of the connected computers in an internal network
>> comprising wirelessly connected and wired computers as the "master"
>> (operated by the teacher);

> What information is available to Squid in order to "detect" that this is the
> "master" machine?

 I think a combination of cookies, its mac address and, when both
fail, authentication. Wouldn't that be enough?, perhaps with an extra
proxy server? My main problem is that I don't want for students boxes
to be prompted for or trying to initiate an authentication and I don't
know of a fool proof way of achieving that. If possible, all students'
business should let go through with squid serving as transparent
proxy.

 Probably squid could cache that request as local files to the extent
that it can and just redirect the requests of students' clients as
references to that file using an ICAP server somehow?

>>  b) when that master reach out to an outside URL, the response should
>> be replicated in that master's and all other internal computers; but
>
> What do you mean by "the response should be replicated in ... all other
> internal computers"?

 that the initial request by the teacher should be received as
response by all students

> Are you assuming that these computers are already running a browser,

 Well, technically, I think we could assume that, why would that be
problematic? How bad would it be if they are not running a browser,
you could interrupt an initiated request, you could even shut down
your computer in the middle of a download or transaction without a
problem. Why would that be that difficult? or, what is it exactly I am
not getting right?

> that
> they should suddenly get some (apparently) web server response via Squid and
> display it, even though they did not make any request?

> If so, I would say this is impossible - you can't get a computer to show a
> response to a request it did not make.

 Yes, this is what I meant, why is that so hard? Again, my forte is
not networking, but I could see how the requested file could be cached
and forwarded to all student boxes. Perhaps using an ICAP server.

>>  c) responses to requests originating in the non master ("slave"?)
>> ends, return to their corresponding ends;
>
> So, any computer other than the "master" simply makes requests and gets
> standard responses as usual.  Fine.

 Yes, once you know the request originated in the non master machine,
it would go back to the initiating client. Again, why would that be
that problematic?

>>  d) at times the master should be able to switch off that replicating
>> feature;
>
> What times?

 Teacher may decide to "privately" check out some information by
herself without it being displayed on all students' ends or even
concurrently open another "private" browser window.

> How?

 This is what I don't know but I think (probably somewhat naively) it
shouldn't be that hard. Again, session tracking via cookies or URL
rewriting, maybe?

>  I really think you need to explain this "replicating
> feature" in more detail (and preferably in network terms, from the point of
> view of the software running on the master, and the software running on a
> non-master.

 I am not a networking guy but probably you could point out to me some
related documents explaining specifically the kinds of problematics
around these kinds of issues.

>>  e) more than one or all computers should be able to play "master";
>
> I repeat my first question - what information is available to Squid in order
> to
> "detect" that this is the "master" machine?

 I think I answer that in §a. Again, why would that be that hard?

>>  f) all other "slave" should operate in a "transparent proxy" mode;
>
> Are you including SSL in this?

 Yes, if possibly, all kinds of communications, but just http (no
encryption) for the student client machines would be fine.

>>  g) on a single computer, someone could use different
>> browsers/versions to do a-f ...
>>
>>  I have seen that partially implemented one way or the other, however
>> I need to integrate/manage all parts as part of an integrated whole.
>
>>  So, my questions could be reduced to: which exactly are the
>> configuration lines that should be changed in both squid and the
>> browsers on the connected computers or the different browsers in the
>> same computer?
>
> I think this request is (a) a *lot* more complicated than this, and probably
> a
> lot more complicated than you think it is, and (b) in parts, impossible.

 I am squarely OK with "lots of complication" and as I said, you might
not be able to completely and directly implement all aspects using
squid, but what aspects of that integrated whole do you think are
impossible?

 lbrtchx

Re: [squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-25 Thread Antony Stone
On Tuesday 25 May 2021 at 07:51:21, Albretch Mueller wrote:

>  As part of a teaching and learning (TaL)/school software, I need squid:
> 
>  a) to detect one of the connected computers in an internal network
> comprising wirelessly connected and wired computers as the "master"
> (operated by the teacher);

What information is available to Squid in order to "detect" that this is the 
"master" machine?

>  b) when that master reach out to an outside URL, the response should
> be replicated in that master's and all other internal computers; but

What do you mean by "the response should be replicated in ... all other 
internal computers"?

Are you assuming that these computers are already running a browser, and that 
they should suddenly get some (apparently) web server response via Squid and 
display it, even though they did not make any request?

If so, I would say this is impossible - you can't get a computer to show a 
response to a request it did not make.

If I have misunderstood, please explain what this does mean.

>  c) responses to requests originating in the non master ("slave"?)
> ends, return to their corresponding ends;

So, any computer other than the "master" simply makes requests and gets 
standard responses as usual.  Fine.

>  d) at times the master should be able to switch off that replicating
> feature;

What times?  How?  I really think you need to explain this "replicating 
feature" in more detail (and preferably in network terms, from the point of 
view of the software running on the master, and the software running on a non-
master.

>  e) more than one or all computers should be able to play "master";

I repeat my first question - what information is available to Squid in order to 
"detect" that this is the "master" machine?

>  f) all other "slave" should operate in a "transparent proxy" mode;

Are you including SSL in this?

>  g) on a single computer, someone could use different
> browsers/versions to do a-f ...
> 
>  I have seen that partially implemented one way or the other, however
> I need to integrate/manage all parts as part of an integrated whole.


>  So, my questions could be reduced to: which exactly are the
> configuration lines that should be changed in both squid and the
> browsers on the connected computers or the different browsers in the
> same computer?

I think this request is (a) a *lot* more complicated than this, and probably a 
lot more complicated than you think it is, and (b) in parts, impossible.


Regards,


Antony.

-- 
The difference between theory and practice is that in theory there is no 
difference, whereas in practice there is.

   Please reply to the list;
 please *don't* CC me.
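
The point made in the reply above (a machine will not display a response to a request it did not make), shown on loopback as an added example that is not part of the thread: an unsolicited delivery to a host with no listener is refused by its TCP stack, while the same information reaches the student side once that side makes the request. The `Classroom` class, the `/current` endpoint and the example URL are assumptions for illustration.

```python
"""Added illustration, not code from the thread. Loopback only; Classroom and
the /current endpoint are hypothetical names."""
import socket
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

LOOPBACK = "127.0.0.1"
# Ignore proxy environment variables so the demo never leaves loopback.
_OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def unused_port():
    """Return a loopback port that currently has no listener."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((LOOPBACK, 0))
        return s.getsockname()[1]


def push_unsolicited(host, port, html):
    """Try to hand HTML to a machine that opened no connection and runs no
    listener. Returns 'delivered', 'refused' or 'no answer'."""
    try:
        with socket.create_connection((host, port), timeout=2) as s:
            s.sendall(b"HTTP/1.1 200 OK\r\n\r\n" + html)
            return "delivered"
    except ConnectionRefusedError:
        return "refused"      # the peer's TCP stack answered with a reset
    except OSError:
        return "no answer"    # filtered, unreachable or timed out


class Classroom:
    """Holds the URL the teacher is presenting (empty string means none)."""

    def __init__(self):
        self._lock = threading.Lock()
        self._url = ""

    def set_url(self, url):
        with self._lock:
            self._url = url

    def current(self):
        with self._lock:
            return self._url


def make_server(classroom):
    """HTTP server that answers student requests with the current URL."""

    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            if self.path != "/current":
                self.send_error(404)
                return
            body = classroom.current().encode()
            self.send_response(200)
            self.send_header("Content-Type", "text/plain; charset=utf-8")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, *args):  # keep the demo quiet
            pass

    return HTTPServer((LOOPBACK, 0), Handler)


def student_poll(port):
    """The student side opens the TCP session and sends the request itself."""
    with _OPENER.open(f"http://{LOOPBACK}:{port}/current", timeout=2) as r:
        return r.read().decode()


def demo():
    # 1) Push model: nothing on the "student" side is listening.
    pushed = push_unsolicited(LOOPBACK, unused_port(), b"<h1>lesson</h1>")

    # 2) Request-first model: the student asks, the server answers.
    classroom = Classroom()
    server = make_server(classroom)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        port = server.server_address[1]
        before = student_poll(port)
        classroom.set_url("https://example.org/lesson-1")  # constructed URL
        after = student_poll(port)
    finally:
        server.shutdown()
        server.server_close()
    return pushed, before, after


if __name__ == "__main__":
    print(demo())
```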


[squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...

2021-05-24 Thread Albretch Mueller
 As part of a teaching and learning (TaL)/school software, I need squid:

 a) to detect one of the connected computers in an internal network
comprising wirelessly connected and wired computers as the "master"
(operated by the teacher);

 b) when that master reach out to an outside URL, the response should
be replicated in that master's and all other internal computers; but

 c) responses to requests originating in the non master ("slave"?)
ends, return to their corresponding ends;

 d) at times the master should be able to switch off that replicating feature;

 e) more than one or all computers should be able to play "master";

 f) all other "slave" should operate in a "transparent proxy" mode;

 g) on a single computer, someone could use different
browsers/versions to do a-f ...

 I have seen that partially implemented one way or the other, however
I need to integrate/manage all parts as part of an integrated whole.

 I could imagine these kinds of setups being used in TaL and
conferencing environments, as well as in testing environments and, for
example, §a could be achieved with the mac address and/or cookies, but
someone could run macchanger and delete all cookies in their browser,
so an extra authentication barrier should be used, which I see as the
only fool proof way of setup and know who the masters are, or? How
could disable slave ends from authenticating? I am not a networking
kind of guy, so I am not quite sure about the kind of scenarios that
could play out in those kinds of dynamic "master"/"slaves" setups.

 Probably, all the functional requirements relating to what I have
described cannot straightforwardly be done with squid, but there should
be a way to use other applications' output to dynamically reconfigure:

 /etc/squid/squid.conf

 So, my questions could be reduced to: which exactly are the
configuration lines that should be changed in both squid and the
browsers on the connected computers or the different browsers in the
same computer?

 lbrtchx