On Sun, 2 May 2004, Mary Gardiner wrote:
> On Sun, May 02, 2004, Keith Hopkins wrote:
> > Instead of blocking port 80, you could also consider redirecting it
> > to the port used by squid.
>
> Or possibly put up a minimal web-page using one of the minimalist
> servers, that explains how to turn the proxy on. That's halfway between
> transparent proxy and packet dropping in terms of use.
That's a cool idea... here's an extension of that. Basically if they
haven't got their proxy setup it flips them to a web page that tells them
how to do so. Also... it's scary but you might be able to automatically
setup Internet Explorer somehow <evil grin> .. javascript hack?
I've missed the thread a bit here so I'll just define what I don't know.
LAN=eth0
Internet=eth1
Server's LAN IP=192.168.1.1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 \
-j DNAT --to-destination 192.168.1.1:81
Apache virtual host
<VirtualHost *:81>
DocumentRoot /var/www/noproxy
ServerName firewallname.your_domain.com.au
ServerAdmin [EMAIL PROTECTED]
Redirect / http://intranet_web_server/setup/proxy_howto.php
</VirtualHost>
proxy_howto.php
<?php
if ($_SERVER["HTTP_USER_AGENT"]
if (preg_match ("/mozilla/i", $_SERVER["HTTP_USER_AGENT"))
{
# how to setup mozilla page
}
elsif (preg_match ("/IE5/i", $_SERVER["HTTP_USER_AGENT"))
{
# how to setup IE5
}
else
{
# generic browser howto
}
?>
--
---<GRiP>---
Electronic Hobbyist, Former Arcadia BBS nut, Occasional nudist,
Linux Guru, SLUG Secretary, AUUG and Linux Australia member, Sydney
Flashmobber, Tenpin Bowler, BMX rider, Walker, Raver & rave music
lover, Big kid that refuses to grow up. I'd make a good family pet,
take me home today!
Some people actually read these things it seems.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
