On Sun, 18 Mar 2001, Paolo Carballo wrote:
<snip>
> ICQ, Yahoo Messenger, and MSN Messenger before deployment. Would it be
> better to use the ports for the last three or would blocking the
> websites do just fine?
our standard configuration for these type of setups is
1. block *all* traffic, allow only the proxy server direct access to the
Internet.
2. use private ip's internally, then use NAT for those who'd be needing
external access (like ssh, and others)
<snip>
> Since the firewall is already deployed, I think they opted to tinker with
> squid instead just to block the sites.
visit the squid docs
http://squid-docs.sourceforge.net/
there is a sample for this on chapter 7, acl's ...
hth
-mark
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
