LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-02-2014, 03:11 PM   #1
sigint-ninja
Member
 
Registered: Feb 2011
Location: Republic Of Ireland
Distribution: Debian,Centos,Slackware
Posts: 472

Rep: Reputation: 29
Best solution for linux based proxy server in an office


Hi guys

i have been charged with the task of implementing a proxy server on a company
network to allow management to monitor staff internet usage (i have already explained to them that by law they have to divulge this information to their staff)

The network isnt too big, a windows server 2008r2 and about 15 client pc's running win 7 / xp (phasing out the xp machines at the moment)

i need to have the following functionality:

1) indicate which sites are being accessed on a user by user basis
2) What times the sites were accessed (activity counter would be nice)
3) maybe some kind of white list/blacklist where i can block traffic to a particular site if the need arises.

I have read in a book im reading about squid...but have never installed it or used it...

i know about untangle and have wondered if any of you have used it, think its good, or have another suggestion.

im thinking about using an older pc with two network cards, one to the internet, and one to my internal network as to capture / monitor all connections going out to the net.

any thoughts or ideas appreciated
 
Old 09-02-2014, 06:26 PM   #2
daveymg
LQ Newbie
 
Registered: Aug 2003
Location: New Zealand
Distribution: Fedora Core
Posts: 4

Rep: Reputation: 0
I've used squid for many years along with SARG to analyse the log files. SARG produces reports by user, site and access times along with traffic volumes. You'll need to setup the clients to access the internet via the proxy server. If your clients are connected to a windows domain then group policy can do that or you could setup a transparent proxy server to force the traffic through the proxy. I've used Shorewall to configure iptables to do this.
 
Old 09-03-2014, 11:52 AM   #3
DarrenDrapkin
Member
 
Registered: Aug 2014
Distribution: Slackware x86 64 current
Posts: 55

Rep: Reputation: Disabled
If you have only 20 PCs you could probably get away with just scripting up iptables with a shell, and klogd to do the actual logging
 
Old 09-10-2014, 02:18 PM   #4
sigint-ninja
Member
 
Registered: Feb 2011
Location: Republic Of Ireland
Distribution: Debian,Centos,Slackware
Posts: 472

Original Poster
Rep: Reputation: 29
hi darren,

yes i would like to learn and use iptables more...so do i just have my traffic running through a linux box and configure iptables to report back etc...is there a preferred distro i should use for this purpose, or doesnt it matter (Slackware???)

thanks
 
Old 09-11-2014, 08:33 AM   #5
erik2282
Member
 
Registered: May 2011
Location: TX
Distribution: Debian, CentOS
Posts: 649

Rep: Reputation: 173Reputation: 173
perhaps BSD-based pfsense?
 
Old 09-11-2014, 12:34 PM   #6
sigint-ninja
Member
 
Registered: Feb 2011
Location: Republic Of Ireland
Distribution: Debian,Centos,Slackware
Posts: 472

Original Poster
Rep: Reputation: 29
pfsense looks interesting...reading
 
Old 09-11-2014, 02:00 PM   #7
jstephens84
Senior Member
 
Registered: Sep 2004
Location: Nashville
Distribution: Manjaro, RHEL, CentOS
Posts: 2,098

Rep: Reputation: 102Reputation: 102
Some points to keep in mind. if you use a device inline you will need to make sure it can fail open so in the event of an issue traffic can still make it out to the internet. The downfall of course people will now access sites they shouldn't.

As for untangle I think it is really good. especially for a small office. Dansguardian is another that I have heard of but I really have not used it for web filtering.

Also when reading it sounds like you are wanting a web filter more than a proxy servers.

On a side note most Security Policies cover the monitoring aspect which is in I believe the Accptable use policy.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
need a web-based solution to bypass corporate proxy coontie Linux - Software 7 12-18-2006 08:58 PM
LXer: Web Hosting Solution, Features Linux-Based Backup Server LXer Syndicated Linux News 0 11-03-2006 06:03 AM


All times are GMT -5. The time now is 03:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration