[KLUG Members] Squid

[agencies_ad1 at sancharnet.in]

ello,

My parents recently got high speed internet access, and I set them up with a
RHEL4 box for a gateway and a proxy server.  My dad wants to make it so you
have to go through the proxy if you want to get out for the internet, so I did
this by putting the following iptables rules to block normal forwarding of the
80/443 ports

iptables -A FORWARD -p tcp --dport 80 -j DROP
iptables -A FORWARD -p udp --dport 80 -j DROP
iptables -A FORWARD -p tcp --dport 443 -j DROP
iptables -A FORWARD -p udp --dport 443 -j DROP

This works well, except when they go to access their webmail with earthlink, and
then they get connection refused problems.  As soon as I take those rules out
it works fine.  Is there a better way to force all internet traffic to go
through the proxy?  Also, my brothers and sisters cannot access their webmail
at their high school when they go through the proxy server.  When they go to
click on the signon button, they get this error complaining about there is an
ACL blocking their access.  Its not the proxy, but the actual webserver from
the school (MS IIS, figures).  As soon as they go to the site normally,
bypassing the proxy it works fine.  Is there a problem with squid and MS IIS's
http auth implementation?  Any suggestions are welcome.  

Thank you,

Regards,
Komal

----------------------------------------------------------------
This message was sent using NWebmail, BSNL's Webmail Program