Everyone,
I have set up squid as a proxy http server in order to filter web access for an office that wants to block certain web sites.
Is there a way to use the dhcpd server to assign the squid server and port number 3128 to each Linux desktop when they boot using the existing dhcpd server. Or do I need to change each user's network preference setup in firefox. The dhcpd server and squid are on the same server.
I have looked at the man pages for dhcpd, dhcpd.conf, dhcp-options, dhcllient, and dhclient.conf.
I found an option :
option www-server ###.###.###.### However there was no reference to stipulate a port number like 3128 that is used by squid.
Other searching on the web has uncovered the use of:
option custom-proxy-server "http://192.168.1.1/wpad.pac" but I am uncertain as to how to configure wpad.pac file
Any answers or suggestions on reading material would be appreciated.
Thanks,
Greg Ennis
Gregory P. Ennis wrote:
Everyone,
I have set up squid as a proxy http server in order to filter web access for an office that wants to block certain web sites.
Is there a way to use the dhcpd server to assign the squid server and port number 3128 to each Linux desktop when they boot using the existing dhcpd server. Or do I need to change each user's network preference setup in firefox. The dhcpd server and squid are on the same server.
Have you considered setting up squid as a transparent proxy so all HTTP requests go through it instead of configuring the clients to use the proxy? It'd be more secure anyways considering not everything has configuration to use a proxy.
nate
On Fri, 2008-02-01 at 10:21 -0800, nate wrote:
Gregory P. Ennis wrote:
Everyone,
I have set up squid as a proxy http server in order to filter web access for an office that wants to block certain web sites.
Is there a way to use the dhcpd server to assign the squid server and port number 3128 to each Linux desktop when they boot using the existing dhcpd server. Or do I need to change each user's network preference setup in firefox. The dhcpd server and squid are on the same server.
Have you considered setting up squid as a transparent proxy so all HTTP requests go through it instead of configuring the clients to use the proxy? It'd be more secure anyways considering not everything has configuration to use a proxy.
nate
Nate,
Thanks for the suggestion... that was a much easier approach. There were some previous posts in November of last year that had some good references. I have everything working as I had hoped.
I would still be interested to know if the dhcp servers could be used for this kind of thing.
Greg
on 2/1/2008 11:17 AM Gregory P. Ennis spake the following:
On Fri, 2008-02-01 at 10:21 -0800, nate wrote:
Gregory P. Ennis wrote:
Everyone,
I have set up squid as a proxy http server in order to filter web access for an office that wants to block certain web sites.
Is there a way to use the dhcpd server to assign the squid server and port number 3128 to each Linux desktop when they boot using the existing dhcpd server. Or do I need to change each user's network preference setup in firefox. The dhcpd server and squid are on the same server.
Have you considered setting up squid as a transparent proxy so all HTTP requests go through it instead of configuring the clients to use the proxy? It'd be more secure anyways considering not everything has configuration to use a proxy.
nate
Nate,
Thanks for the suggestion... that was a much easier approach. There were some previous posts in November of last year that had some good references. I have everything working as I had hoped.
I would still be interested to know if the dhcp servers could be used for this kind of thing.
Greg
I know that windows machines won't pick up any option like this from DHCP. You have to use the proxy.pac which I could never get working quite right from anything but a microsoft proxy server. A transparent filter works better anyway, as your users will have a harder time bypassing it.
On Fri, 2008-02-01 at 11:36 -0800, Scott Silva wrote:
on 2/1/2008 11:17 AM Gregory P. Ennis spake the following:
On Fri, 2008-02-01 at 10:21 -0800, nate wrote:
Gregory P. Ennis wrote:
Everyone,
I have set up squid as a proxy http server in order to filter web access for an office that wants to block certain web sites.
Is there a way to use the dhcpd server to assign the squid server and port number 3128 to each Linux desktop when they boot using the existing dhcpd server. Or do I need to change each user's network preference setup in firefox. The dhcpd server and squid are on the same server.
Have you considered setting up squid as a transparent proxy so all HTTP requests go through it instead of configuring the clients to use the proxy? It'd be more secure anyways considering not everything has configuration to use a proxy.
nate
Nate,
Thanks for the suggestion... that was a much easier approach. There were some previous posts in November of last year that had some good references. I have everything working as I had hoped.
I would still be interested to know if the dhcp servers could be used for this kind of thing.
Greg
I know that windows machines won't pick up any option like this from DHCP. You have to use the proxy.pac which I could never get working quite right from anything but a microsoft proxy server. A transparent filter works better anyway, as your users will have a harder time bypassing it.
Scott,
Thanks for the advice... the transparent filter works perfectly, and better than I planned. I could not find a starting place with the proxy.pac file for Linux either.
Greg
-
Gregory P. Ennis -
nate -
Scott Silva