Re: [squid-users] Solutions for transparent + proxy_auth?

From: Steve Brown <[email protected]>
Date: Mon, 20 Feb 2006 21:28:47 -0600

> Drop it :

Oh boy, I can already tell this will be fun...

Unfortunately, I can't drop it. I've been told to investigate this by
my boss because we have a coporate liability due to these boxes having
unrestricted net access. If it can't be done, that's fine, but I need
some technical details as to why this specific scheme will not work.
My boss won't like "drop it" as an answer. :-)

> http://squidwiki.kinkie.it/SquidFaq/InterceptionProxy

I'm confused by this link. You tell me to "drop it" and point me to a
page that has two paragraphs about why it *shouldn't* be done, then
spends the next three pages describing all the ways it can be done?

> Try to *think* what you are saying, how in any sense would that global
> parent have any carry-thru info, about who was in front of the
> intercepting SQUID ?

Sorry, I'm just trying to gather some information here about what can
be done. What "carry-thru" info is needed? Why does it matter who is
in front of the intercepting cache? If the parent cache uses
authentication, only authed machines will be allowed to connect? How
is this any different than a typical squid peer/parent arrangement?
Received on Mon Feb 20 2006 - 20:28:49 MST

This archive was generated by hypermail pre-2.1.9 : Wed Mar 01 2006 - 12:00:03 MST