What you do to accomplish this is to transparently intercept the connections, but instead of redirecting the connections to Squid you redirect them to a simple web server (for example Apache) which no matter what request it received sends a browser redirect sending the user to another internal web server giving these instructions.
The following trivial shell script based web server run from (x)inetd even does the trick, but I'd recommend using a better web serer: -- cut here -- #!/bin/sh cat <<EOF HTTP/1.0 302 Found Location: http://www.your.domain/howto_setup_proxy.html Content-Type: text/html You need to configure your proxy settings. See http://www.your.domain/howto_setup_proxy.html for detailed instructions EOF sleep 1 -- cut here -- Regards Henrik Fabien Salvi wrote: > > Hello, > > I've made some tests with transparent proxy which work fine. > But, I would like to do something a bit special. > > * Actually, when a user is trying to access the Internet, he can't if > not using our proxy server > > => I could just setup the transparent proxy and he could access without > knowing he's using a transparent proxy. > It would work fine. > > But, I don't want users to not making the good proxy configuration for > security and other personal reasons including the drawback of > transparent proxy (it doesn't work for SSL and FTP). > > What I would like, is to alert the user that he must use a proxy by > giving him the good parameters and a link to a documentation. > > Is it possible with squid or maybe I should use another tool ? > > I try with simple redirect with iptables (it's under linux), but of > course, it won't work because the reply from a web server (like apache) > does'nt use the correct IP source address and the client drop the packets... > > Does anyone have a suggestion ? > > Thanks in advance for your help ! > > -- > Fabien SALVI Centre de Ressources Informatiques > Archamps, France -- http://www.cri74.org > PingOO GNU/linux distribution : http://www.pingoo.org
