Browse with our without proxy settings
-
Hi, I like to setup my Squid in pfsense that will allow me to browse on the internet only when I have setup the correct proxy settings in the IE or FF.
Now I’m using squid and its working for blacklisting URL’s even loggings are working so I can see where everyone is browsing to.
Who can help me out with this?Thanks!
-
If you don't want people to be able to browse without using the proxy, just block outbound access to port 80/TCP and 443/TCP. If you search the forum you'll get more information.
-
Thanks, that was the awnser ;)
Now I have an other quistion about the proxy. I don't think that the urls that are been visit will be hold on the proxy.
When I try to visti again the same site with pictures in, I see on my WAN traffic graph that the downloads again are comming from the internet and nog directly from the proxy.
Is this even an setting problem?Thanks
-
Maybe.
If the images are marked for "no-cache" or similar then the proxy isn't supposed to cache the image. It could also be a config issue, I suggest you read the Squid documentation ;)
-
I think this is the awnser:
As you can see, pressing reload in Netscape (and some other browsers) doesn't simply re-fetch the page, it forces the cache not to serve the cached page. Many people doing tests of how the cache increases performance simply press reload, and believe that there has been no change in speed. The cache is, in fact, re-downloading the page from the origin server, so a speed increase is impossible.
To test the cache properly you need two machines setup to access the cache, and a page that does not contain do not cache me headers. Pages that use ASP often include headers that force Squid not to cache the page, even if the authors are not aware of it's implications.
So, to test the cache, choose a site that is off your local network (for a marked change, choose one in a different country) and access it from the first machine. Once it has download, change to the second machine and re-download the page. Once the page has downloaded there, check that the page is marked as a 'HIT' (in the file called access.log - the basics of which are covered earlier in this book). If the second accesses were marked as misses, it is probably because the origin server is asking Squid not to cache the page. Try a different page and see difference the cache makes to browsing speed.
Many people are looking for an increase in performance on problem pages, since this is when people believe that they are getting the short end of the stick. If you choose a site that is too close, you may only be able to see a difference in the speed in the transaction-time field of the access.log.