Koozali.org: home of the SME Server

Blocking other proxy ports from the internal lan

Darryll Love

Blocking other proxy ports from the internal lan
« on: November 16, 2000, 12:10:21 AM »
I am the network admin for a large school disctrict and love the e-smith product.  The only problem I have had is with our high school age students that are pretty sharp and have figured out that they can set a different public proxy on port 8080 and go around or X-Stop filter.  I have the transproxy installed and manually edited the squid.conf to use out X-Stop proxy/filter as a parent proxy to pull data from.  This works great until they figured out how to go around it.  This was a problem that I was aware of as I have used the same tactic before myself.  What I need help with is which file(s) to edit to block a few ports, mainly 8080, on the inside lan(192.168.1.1).  Could I add some ipchain statements to rc.local to correct this problem?  Also on a slightly different note, is it possible to have squid tranproxy other ports like ftp?

Thank You,
Darryll Love
11-15-2000