Topic: i want the squid proxy only have access to the internet

[hatsa]

plz plz plz this is tha last thing i'll ask for i want all the connected pc's with sme server the internet working on them only by proxy and if i have removed the poxy server ip and port from the
LAN Settings the internet not working plz plz this is the las thing i want to do
and plz dont say to me the sme server didn't made for this plz i want this very important think it's so easy 

[gzartman]

SME uses a transparent proxy all of the time, unless you shut it off.

Are you wanting your http LAN traffic to only go through a socks5 proxy or something? 

You should really work on (or at least try) to use proper english when asking a question.  It is very difficult to understand what you are talking about when you make one big run on sentence littered with phrases such as plz.   I feel like I'm texting with one of my teenage kids.

[Stefano]

hatsa, please read here

Thank you
Ciao
Stefano

[hatsa]

i am sorry all but i am really need to do this things

i want  http LAN traffic to only go through a proxy

[Craig Cabrey]

I think I understand what he wants:
The SME Server should be the only computer with direct access to the internet. If any computer is plugged into the LAN without properly being configured, it should NOT be able to connect. Instead, it would have to be configured to use SME Server's squid proxy [or other software] to even get out on the internet. This way, all traffic would have to go through SME Server and there would be no way to avoid, short of unplugging the server.
Well, correct me if I'm wrong I guess...PS: I still don't know how to do this I'm just clarifying this thread. 
Craig

[mmccarn]

You can use the instructions in http://wiki.contribs.org/Firewall#Block_outgoing_ports to block all outbound traffic from LAN workstations.  When done, your LAN workstations can only talk to your SME server, or through the Squid or SMTP proxy to the internet.

Watch out - I don't know if Squid will pass https traffic - which might leave you needing to open port 443 to the Internet for anyone who needs https - which would let them bypass your SME server if they could figure out how.

[hatsa]

look i'll tell you i have sme server installed on my pc ok and 
the first LAN Card connected with router and the secound LAN Card connected with my laptop ok
when i open my laptop the dhcp server give me ip ok and  i can open the internet from my laptop so easy ok
i want the internet not working till i add the proxy 10.0.0.1 and te port 8080 in the internet explorer lan settings

i think all understand now

[versa]

Just a suggestion
Read mmccarn post and follow his guide.
Then read the following http://wiki.contribs.org/DB_Variables_Configuration#Squid_Proxy_.28squid.29

disable the transperent proxy.

I have not tried it but it should require you to have the proxy set on your lan machines in order to access the internet.

You mentioned port 8080 then that might imply you also want dansguardian filtering ?
If so read this, http://wiki.contribs.org/Dansguardian

Hope this helps you.

[hatsa]

look bro all the things that you said are good but there is some steps i cant to do

like this

Create desired db entries to suit the ports & protocols you want to block

config setprop masq TCPBlocks address:port
config setprop masq UDPBlocks address:port

i dont know what is it and config setprop i dont know if it's command or i must put it in conf file

you  will help me so much if you explane it to me

[Craig Cabrey]

config setprop masq TCPBlocks address:port
config setprop masq UDPBlocks address:port

i dont know what is it and config setprop i dont know if it's command or i must put it in conf file

Those are commands that you must type in a root prompt (meaning login as root user).
The "config" command is just a shortcut to "db configuration."

[hatsa]

thanx Craig Cabrey

[hatsa]

thank you very much versa but now the samba sharing not working befour i made the changes that you told me to do when i type \\smeserver it's open the server now it's not working