On Thu, 21 Feb 2002, Glen Turner wrote: > > > A organisation has public access terminals connected to a Telstra cable > > > connection. They use a Netgear router that allocates a 192.168.0.x DHCP > > > address on every client login. > > > > > > There is no filtering on the services. > > > > > > Using Squidguard (or similar) how can you enforce using the proxy? > > > > You can't. Unless you can stop connections to port 80 to addresses outside > > the local network, people can just connect to wherever they please. > > > > Get rid of the Netgear router, and put a Linux firewall/router/DHCP server > > in there instead. If you're really squeezed for machines (can't afford a > > 486?) then put the Squidguard machine in as the router. > > But surely blocking outgoing port 80 is pretty much the requirement?
Yes. That is, in fact, what I said. I am not sure whether the OP's Netgear is the right model to do it (as I have said before, I don't use dedicated routers much because an excess 486 is cheaper and more flexible). This is why I qualified my statement with 'Unless'. As in, 'please use the intelligence god gave you to see whether you can do it'. The main point is that Squidguard (or any other similar package), in and of itself, is incapable of enforcing the use of the proxy. Which is, taken literally, the question which the OP asked. -- ----------------------------------------------------------------------- #include <disclaimer.h> Matthew Palmer [EMAIL PROTECTED] -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
