> -----Original Message----- > From: Kenn Murrah [mailto:[EMAIL PROTECTED]]
> Is there any way to ensure that the proxy is not being > bypassed? In other > words, the proxy has an IP of 192.168.100.100, which logs > the traffic and > directs it to the gateway (192.168.100.41) ... is there any > possible way to > keep an enterprising user from discovering the gateway > address and accessing > it directly, bypassing squid? My solution was to set the gateway's firewall to only allow outgoing requests from Squid on web server ports. If they don't go through Squid, their connections get refused. Very effective. Plus your firewall log then becomes a list of misconfigured machines. ;)
