How to Stop bypassing Proxy server?

05-29-2004, 06:06 PM

i am using a similar setup on my network. what i did was this. (squid is
using port 3128).

1) created a bridge with 2 network cards.
2) configured the router to pass all traffic to this proxy
3) iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port
3128.
4) configured squid to do transparent proxy.

All the users dont even know they are behind the squid proxy.

Andrew

"ssp2000" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> Some of the users at my location are accessing the Internet by
> bypassing the in-house proxy server. They are just typing the upstream
> proxy server IP address and port number in browser and accessing the
> Internet. How can I prohibit such activities? My network is on
> 192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
> (take these IP addresses as an example). I can access 195.2.104.0
> network from my location. I am using Squid Proxy server on Linux
> RH8.Can anyone suggests use of IPTABLES to achieve this?

05-31-2004, 04:53 AM

Some of the users at my location are accessing the Internet by
bypassing the in-house proxy server. They are just typing the upstream
proxy server IP address and port number in browser and accessing the
Internet. How can I prohibit such activities? My network is on
192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
(take these IP addresses as an example). I can access 195.2.104.0
network from my location. I am using Squid Proxy server on Linux
RH8.Can anyone suggests use of IPTABLES to achieve this?

05-31-2004, 09:11 AM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

In comp.os.linux.networking ssp2000 <(E-Mail Removed)> suggested:
> Some of the users at my location are accessing the Internet by
> bypassing the in-house proxy server. They are just typing the upstream
> proxy server IP address and port number in browser and accessing the
> Internet. How can I prohibit such activities? My network is on
> 192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
> (take these IP addresses as an example). I can access 195.2.104.0
> network from my location. I am using Squid Proxy server on Linux
> RH8.Can anyone suggests use of IPTABLES to achieve this?

Sounds like FAQ:

[http://www.squid-cache.org/Doc/FAQ/FAQ.html]

17. Interception Caching/Proxying

--
Michael Heiming (GPG-Key ID: 0xEDD27B94)
mail: echo (E-Mail Removed) | perl -pe 'y/a-z/n-za-m/'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAuva8AkPEju3Se5QRAgySAJ955bjCSSj/PXb91MaQ0wK1rFs5iACgpgqY
FVEIyB1lNU/vo9s8tgndexM=
=4G0u
-----END PGP SIGNATURE-----

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
How to stop spammers bringing our server down?	Peter	Broadband	30	11-12-2007 06:14 PM
Stop DHCP Server in XP	Alphacenturi	Wireless Networks	1	03-20-2006 03:52 AM
Using an outside proxy server form behind a proxy server	UnaCoder	Linux Networking	6	02-22-2006 07:53 PM
Bypassing proxy	stalingrad	Windows Networking	4	12-28-2005 06:48 PM
How to Stop bypassing Proxy server	ssp2000	Linux Networking	3	05-31-2004 01:12 AM