Content Filtering in a LAN

Discuss Networking
Post Reply
agent007
administrator
administrator
Posts: 254
Joined: Wed Feb 12, 2003 11:26 pm

Content Filtering in a LAN

Post by agent007 »

Hi all,

IF, in a LAN all the PC's (workstations) have to connect to the internet via a s
erver (gateway), how do i configure content filtering for all the browsers on the workstations? Do I have to specify IP and port in the proxy settings of all the browsers? Also, if someone were to remove the proxy settings from their browsers then they'd be able to see the unwanted stuff correct?

thanks.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

I have addressed this on my personal LAN. There are a couple of different ways you can handle this. First of all, I assume you have a firewall between you and the outside world. I have my firewall set up to block traffic destined for port 80 outside of my network, except from my proxy server. You may want to block more than just port 80. If any of my internal machines want to access the internet, they must go through the proxy server so yes all browsers on my network are configured to go through the proxy. If they remove the proxy from the browser configuration they just can't get to anywhere.

The other way to do it is to set up a transparent proxy, then the browser does not have to be configured to use a proxy. Basically you have a firewall rule that redirects outbound port 80 traffic to the proxy port on your proxy server. I would like to do this but then my authentication will not work which for me is critical. I want to be able to identify who is browsing where and possibly restrict access based on the proxy user.

agent007
administrator
administrator
Posts: 254
Joined: Wed Feb 12, 2003 11:26 pm

Post by agent007 »

About authentication.....Will the authenticaton box come up everytime u try visiting a site?

thanks.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

No, it only comes up once in a browser session. That is, you open your browser, it asks you for your ID/password. It remembers your ID until the browser is closed.

agent007
administrator
administrator
Posts: 254
Joined: Wed Feb 12, 2003 11:26 pm

Post by agent007 »

hmmmm....Are there any resources which would give me some detailed info on how to setup these transparent proxies and stuff?

thanks

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Got this very good looking link:
http://squid.visolve.com/white_papers/trans_caching.htm

off of the main Squid site:
http://www.squid-cache.org/

But there are many documents out there on the net on how to do it. It's really pretty simple.

agent007
administrator
administrator
Posts: 254
Joined: Wed Feb 12, 2003 11:26 pm

Post by agent007 »

Cool links!! Thanks a bunch!

007

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »


Post Reply