Need help with Squid and capturing url traffic?
I would like to know if this is possible...
I have Squid setup to allow access to only specific web sites. What I would like to be able to do is if they type in something like linuxquestions.org have it automatically return them to our department's web page. So regardless of what url is typed in the browser, I want them to see the department page unless it's a site on the allowed list. |
squid can't do this internally... you need to use a redirector script...
the script would be called from within the squid.conf file with the tag: Code:
redirect_program Quote:
there's an example perl script there... i've never written a redirect script, but it doesn't seem to be very complicated... and for a solution as simple as the one you are trying to implement it would probably be trivial... just my :twocents:... |
All you need is snort :-)
Hey,
Give a look at www.snort.org It is a lot of work, and I don't know how much you need to control your trafic, but if you have 5 minutes to spend, you can see the snort website |
Re: All you need is snort :-)
Quote:
|
But it could be
From Snort web faq:
// 5.12 How can I use Snort to log HTTP URLs or SMTP traffic? It can be done with Snort, but you might find it faster to use mailsnarf and urlsnarf from Dug Song's dsniff package. Dsniff is available from: // There are some threads in this forum about how to block or re-direct things like msmessanger or orkut. You can't do it just with squid / iptable. (orkut yes, but not msmessanger) More then one suggested snort would help. What are he trying to redirect? I'd say use iptable, it is simple. But if is it something like msmessenger? I suggested snort. Excuse if this is a little more then he possibly asked, but it is not completly wrong. And maybe it is even necessary. |
i have created a simple perl script to reach atl02wrx's goal using the example in section 15 of the squid FAQ...
Code:
DISCLAIMER: i am in NO WAY a coder so don't take this as the example i've posted will allow users to connect ONLY to these HTTP sites: - directory.google.com - www.google.com - news.google.com - maps.google.com if any other URL is entered, the user will be redirected to http://directory.google.com to install it i just saved the script as /var/squid/example.pl, made it executable, made it owned by the squid user, and added this line to my squid.conf: Code:
redirect_program /var/squid/example.pl Code:
squid -k reconfigure here's the script: Code:
#!/usr/bin/perl |
All times are GMT -5. The time now is 05:25 AM. |