On Fri, 2003-02-14 at 23:02, Ken Foskey wrote: > ...snip... good stuff stuff on why iptables redirection is bad... > > Are you saying that to enforce proxy I should simply block port 80 and > then the browser is forced to find a proxy?
Not quite. > Is there something in squid > that I should set on to make browser configs easier? There are a number of things that can be done... Firstly, regarding port 80: Redirect outbound port 80 to a local apache/httpd server. Have that server reply to *all* requests with a page like so: "This network requires the use of a web proxy. Point your browser's proxy settings to 192.168.0.3:8080". Secondly, regarding configuration: You can setup a wpad.dat / proxy.pac file that contains a jscript proxy selection logic. There is a I-D on that. (Just search for WPAD). So, users with autoconfig working will ahve nothing to do. The exceptions will see the instructions page, and know what to do. Cheers, Rob -- GPG key available at: <http://users.bigpond.net.au/robertc/keys.txt>.
signature.asc
Description: This is a digitally signed message part
