How to stop Squid proxy server from monitoring the inside LAN activity



  • Hey,
    I'm having a problem with this Squid proxy guy. I have installed it and set it up like the guides say, nothing hard everything works fine and the lite squid monitor is nice monitoring everything. But the problem is literally that he monitors "everything", even the internal activities of the hosts and servers that are communicating between each others. like hey, this pc is transferring files to that server, what the hell are you monitoring?
    I cannot detect how is he doing that, and I need your help guys. tell me what configuration is required from me to clarify the issue here, because my aim is that I want to only monitor the computers (users) going through the firewall to access the internet, not the local network.
    Thank you.



  • Are you sure this is what's happening?  Squid, when running on transparent mode, will intercept all TCP 80/443 traffic and that's it.  Inter-LAN traffic doesn't even hit the firewall unless it's travelling between different interfaces.  I've been running squid & lightsquid for literally years now, and I've never seen anything like what you describe.  What are you looking at that makes you assume squid is even involved here?



  • Not possible unless you have a misconfigured network, either physically or logically.  That aside, SQUID ignores everything outside of 80/443/3218



  • @KOM:

    Are you sure this is what's happening?  Squid, when running on transparent mode, will intercept all TCP 80/443 traffic and that's it.  Inter-LAN traffic doesn't even hit the firewall unless it's travelling between different interfaces.  I've been running squid & lightsquid for literally years now, and I've never seen anything like what you describe.  What are you looking at that makes you assume squid is even involved here?

    My squid is not on transparent mode, I've run a group policy management to distribute proxies into the domain devices. Well if that has any effect on the monitor then it seems that we have a major problem.
    If not, well I guess C0RR0SIVE might be right, I need to re-check my network schema.


Log in to reply