Hi Gurus,

I want to ask about squid

Right now, I've server with squid installed and configured as transparent proxy

Everything are going as it should. User can browse internet and I can also set ACL so that only registered PC can use my proxy server

But tonight, I found very annoying thing

Non registered PC can still use my proxy server if they define another proxy at the browser

Is it possible to prevent such thing ?

Many thanks for your help

Please provide sufficient detail.

Through what ACL you are controlling registered PC ?

What you mean when you say " define another proxy at the browser"

Hi vishesh, thank you for your reply and sorry for not giving information clear enough

I control the registered PC by their mac address

And what I mean with "define another proxy" was :

Because I define my squid as transparent, user don't have to define my proxy at the browser right ?

For example at IE : Tools - internet option - connections - lan settings - proxy server

Just set my squid server as the gateway

And the problem arise when the user define another proxy (ex. from proxy list website) at the browser and still can browse internet even if they mac doesn't registered

I hope I make my self clear right now

I think you can disallow traffic coming from other PC for proxy. For example if your proxy port in 8080

iptables -I INPUT -s your proxy server ip -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT -p tcp --dport 8080 -j DROP

I guess that might be worked, I'll try it when I came home

One more question, how if the other proxy use port 80 ?

Thanks