[sllug-members]: Transparent Proxy Log Files

Justin Searle justin.searle at jetblue.com
Mon Nov 13 10:16:35 MST 2006 

> 1 - Is the transparent proxy the best way to force all traffic through
> the proxy/filter or are there better ways to accomplish this task?

Transparent proxies are my preferred method, as it is the easiest way to force 
everything through the filter without a lot of administration on the clients.  
You should note that it may break some websites like browser sync you 
mentioned, but that is only one of a handfull that I've ever heard of.  It is 
also good to note that user authentication to the proxy becomes more 
difficult and in some cases impossible, but I assume that you aren't trying 
that.

Of course the traditional way would be to configure a wpad file and have DHCP 
or DNS hand it out.  While it works great for Windows with IE and possibly 
FireFox, it may be problematic with anything outside of that.

And Cisco has their own solution for transparent redirection, but that doesn't 
help in this case.

I can't remember off my head, but I think you can still manually configure 
your clients to point directly to Dansguardian while leaving the transparent 
port forwarding for those machines/apps that aren't configured.  My one doubt 
is the transparent config changes to squid, but let me know if that works.

> 2 - Is there any way with transparent proxy to still show the client IP
> Address in the log files?

That is true for your proxy, but Dansguardian should have the right IPs in its 
logs.  And if you are using Dansguardian, there should be little reason to 
look at your proxy logs.

> 3 - Without debating if access in my home should be filtered, are there
> better ways to filter access for a family than dansguardian with
> multiple computers, and OS's? (Currently I have windoze, OS X, and Linux)

I havn't found one in the OSS world, especially once you connect Dansguardian 
to ClamAV.

> 4 - Finally, a little off-topic, but I want to keep track (log??) other
> types off internet usage in my home like chatting or other programs. Do
> I need another proxy for other internet access that logs and gives me
> access control lists? What's the best way to go here?

There are lots of OSS network monitoring programs out there, but I couldn't 
give you a good recommendation.  Maybe someone else in this list could offer 
some suggestions.   If this last question goes unanswered, pose it by itself 
in a few days, as its kinda hidden in this thread.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://sllug.org/pipermail/sllug-members/attachments/20061113/ec2261be/attachment.pgp

More information about the sllug-members mailing list