how to force the use of a web proxy?
Alan
alan at lxorguk.ukuu.org.uk
Wed Jan 3 18:50:28 UTC 2007
On Wed, 03 Jan 2007 13:18:47 -0500
Jeffrey Ross <jeff at bubble.org> wrote:
> Kevin Kempter wrote:
> > Hi List I have FC6, FC5, CentOS and Mepis boxes in my network. I have a proxy
> > which filters web access. I want to be able to force the entire network to
> > use the proxy. Currently I've simply gone to firefox and added the proxy to
> > the connection settings - however any user could change this back to direct
> > connection if they wanted to...
> >
> > How can I force the network for each box to use the proxy and basically not
> > work at all if the user tries to use a direct connection to the internet?
> >
> >
> > Thanks in advance
> >
> >
> Can you set your router/gateway to refuse web connections from any
> device other than your proxy server? Most web sites use tcp port 80
(and 8080 and also the https:// service ports)
You can also use the masquerading and transparent proxy features in the
kernel to do this transparently. One other thing you need to do to make
this foolproof is to ensure the proxy talks to the firewall by a
different network cable to the clients so that they can't impersonate the
proxy.
Alan
More information about the users
mailing list