[KLUG Members] Squid

[Adam Tauno Williams]

>it works fine.  Is there a better way to force all internet traffic to go
>through the proxy? 

You caould try running it transparent.

> Also, my brothers and sisters cannot access their webmail
>at their high school when they go through the proxy server.  When they go to
>click on the signon button, they get this error complaining about there is an
>ACL blocking their access.  Its not the proxy, but the actual webserver 
from
>the school (MS IIS, figures).  As soon as they go to the site normally,
>bypassing the proxy it works fine.  Is there a problem with squid and MS 
IIS's
>http auth implementation?  

No, this is not squid's fault.  The site is using NTLM authentication which 
cannot be proxied.  You can just write a rule to allow that traffic around 
the proxy  (best to use a tool like fwbuilder as all these 
exceptions/exemptions get confusing).  

BUT what you should do is call them up and tell them to fix their bloody 
configuration as you aren't supposed to use NTLM auth over the Internet.  
It just proves there server admin is a drooling idiot who should be fired.  
The moron probably didn't even really config the server and is just running 
all the default settings (or you could just wait a few days until someone 
hacks the things and it goes offline,  which is probably inevitable).