Hey Steve,
What if you made squid run on a different port? i.e. you could have it
so that its set for 58347 (etc) and junkbuster talks to that -
alternatively - add a line to /etc/hosts.deny, denying all access to port
3128, except for local host?
Zak
----- Original Message -----
From: Steve Philp <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 05, 1999 8:13 AM
Subject: [expert] Configuring Squid
> Hello all!
>
> I'm having a problem that maybe someone here can help me with...
>
> I've setup a proxy server running Junkbuster and Squid for Internet
> access from our corporate network.
>
> Direct Internet access is forbidden by the router, allowing only traffic
> which comes from the proxy server. Clients are expected to talk to the
> Junkbuster proxy in order to reach the Internet (this allows us to
> filter and block extremely easily). The Junkbuster proxy talks to the
> Squid proxy to cache all requests.
>
> All of this is working fine, and I'm extremely happy with the "useless
> box in the closet" as it was known prior to its new Linux life.
>
> Our problem comes here:
>
> _IF_ our clients leave the proxy configured as we set it, they talk to
> Junkbuster and get filtered access to the net. However, they _could_
> change the port from 8000 to 3128 and talk to Squid instead, yielding
> unfiltered access.
>
> Does anyone know of a way to limit Squid so that it will only talk to
> Junkbuster? I'd like to simply throw an error page if someone tries to
> talk to Squid directly.
>
> Any hints would be extremely appreciated!
>
> --
> Steve Philp
> Network Administrator
> Advance Packaging Corporation
> [EMAIL PROTECTED]
>
