How to Stop bypassing Proxy server

Archived from groups: comp.os.linux.security,comp.os.linux.networking,mailing.unix.squid-users,comp.security.firewalls (More info?)

Some of the users at my location are accessing the Internet by
bypassing the in-house proxy server. They are just typing the upstream
proxy server IP address and port number in browser and accessing the
Internet. How can I prohibit such activities? My network is on
192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
(take these IP addresses as an example). I can access 195.2.104.0
network from my location. I am using Squid Proxy server on Linux RH8.
3 answers Last reply
More about stop bypassing proxy server
  1. Archived from groups: comp.os.linux.security,comp.os.linux.networking,mailing.unix.squid-users,comp.security.firewalls (More info?)

    On 28 May 2004 02:47:35 -0700, ssp2000 spoketh

    >Some of the users at my location are accessing the Internet by
    >bypassing the in-house proxy server. They are just typing the upstream
    >proxy server IP address and port number in browser and accessing the
    >Internet. How can I prohibit such activities? My network is on
    >192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
    >(take these IP addresses as an example). I can access 195.2.104.0
    >network from my location. I am using Squid Proxy server on Linux RH8.

    On Windows computers, you can use Group Policies to block access to any
    and all of the settings for Internet Explorer, including the proxy
    settings.

    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
  2. Archived from groups: comp.os.linux.security,comp.os.linux.networking,mailing.unix.squid-users,comp.security.firewalls (More info?)

    ssp2000 wrote:

    > Some of the users at my location are accessing the Internet by
    > bypassing the in-house proxy server.[...]

    Configure packet filtering, allow outgoing http only from the proxy, block
    the rest of the network.

    iptables -A FORWARD -s $PROXY -p tcp --dport 80 -j ACCEPT
    iptables -A FORWARD -s $LAN -j REJECT

    should do.

    Wolfgang
    --
    A foreign body and a foreign mind
    never welcome in the land of the blind
    Peter Gabriel, Not one of us, 1980
  3. Archived from groups: comp.os.linux.security,comp.os.linux.networking,mailing.unix.squid-users,comp.security.firewalls (More info?)

    ssp2000 wrote:

    > Some of the users at my location are accessing the Internet by
    > bypassing the in-house proxy server. They are just typing the upstream
    > proxy server IP address and port number in browser and accessing the
    > Internet. How can I prohibit such activities? My network is on
    > 192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
    > (take these IP addresses as an example). I can access 195.2.104.0
    > network from my location. I am using Squid Proxy server on Linux RH8.

    I use transparent proxying which works like a charm. Something like:

    $IPTABLES -t nat -A PREROUTING -i $INTERNAL_NIC -p tcp --dport 80 -j
    REDIRECT --to-port 3128

    Which hijacks port 80 requests and forces them through squid. You'll also
    want to block people from using another proxy server, like so:

    $IPTABLES -A FORWARD -s 192.168.7.0/24 -p tcp --dport $ISP_PROXY_PORT -j
    DROP

    Then, in squid.conf, I set:

    httpd_accel_host virtual
    httpd_accel_port 80
    httpd_accel_with_proxy on
    httpd_accel_uses_host_header on

    Which enables transparent proxying.

    I tell my users not to use any proxy settings. Everything goes through
    squid. If someone tries to be "smart" by putting your ISP as the proxy, it
    simply won't work. In fact, they must either use your squid server as the
    proxy, or not put in any settings at all if they want web access.
Ask a new question

Read More

Firewalls Servers Proxy Linux Networking