Koozali.org: home of the SME Server
Contribs.org Forums => General Discussion => Topic started by: besterl on May 02, 2012, 09:27:23 AM
-
In squid I block keywords eg. porn.
One of the sites I am currently blocking is Facebook.
Some of the users are getting clever now and are starting to use an external anonymous proxy using port 3128 (Same as my onsite proxy).
I want to block it using the RiffRaff method, but I am not sure of the details I need to place in this template.
For example - If I want to block all access to 123.123.123.123 port 3128 TCP, what do I need to place in the 40DenyRiffRaff template
Thanks
-
none of your users should be able to change the proxy setup.. none of your users should be a local administrator..
IMHO you should change point of view.. instead changing SME, try to change your users' attitude..
-
besterl
Alternatively use the functionality of Dansguardian to force usage of the local DG proxy port
http://wiki.contribs.org/Dansguardian#Modifying_Firewall_and_Proxy
-
Here is some info you could use to block all outgoing traffic from your LAN workstations without installing dansguardian:
http://wiki.contribs.org/Firewall#Block_outgoing_ports
-
I want to block it using the RiffRaff method, but I am not sure of the details I need to place in this template.
For example - If I want to block all access to 123.123.123.123 port 3128 TCP, what do I need to place in the 40DenyRiffRaff template
That 40DenyRiffRaff template, as supplied, blocks all stuff 'incoming'
...whereas I suspect you want/need to block stuff 'outgoing'?
Should I want to do this here then I would do it on the router.
Dead simple... a few options in the packet sniffing firewall configuration.
YMMV