On Mon, May 17, 2004 at 06:42:58PM -0400, Joseph S D Yao wrote:
> I've seen similar questions to mine in the archives with no answers.
> I'm open to any reasonable suggestions.
>
> We have several different proxying firewalls coming out of our private
> internet to the public Internet. I'd like to use squid to (a) change
> or remove some of the header information that's gratuitously [;-)]
> entered by some browser paths, and (b) to direct which proxying
> firewall I want to use. I believe I have read that squid can do (a).
> I had thought that squid could do (b). The considerations for the
> latter are:
>
> - some users will be coming from anywhere [corporate network,
> dial-in, other VPNs], but will want to select one particular
> firewall that does things they way they like it, and we need
> to accommodate those customers
> - some users' organizations have stated a preference for
> certain firewalls, and so we need to accommodate those
> customers
> - some URLs' hosts are "closest" on the public Internet to one
> or another firewall, and so we'd like to use that firewall
> for those hosts, in the absence of a clearly stated request
> - some firewalls are equivalent, and in the absence of any
> other consideration, we'd like to pass queries around.
It looks like I declare all of the firewals to be "parent" peers, and
use ACLs to do all this. Does this sound right?
Thanks!
--
Joe Yao [EMAIL PROTECTED] - Joseph S. D. Yao
OSIS Center Systems Support EMT-B
-----------------------------------------------------------------------
PLEASE ... send or Cc: all "OSIS Systems Support"
mail to [EMAIL PROTECTED]
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
