• I am trying to figure out what would be the best way to accomplish this:

    Squid Proxy running with a pac file on the hosts directing it to use the proxy, the proxy will ldap authenticate for general web surfing.

    Non proxy traffic on port 80 will be disallowed, with certain urls/domains being allowed.

    I have a set of devices were I cannot set the proxy on, but need access to some web resources - I would like to filter based on the urls they need, while blocking everything else, unless it goes through the proxy.  I am somewhat concerned about using an alias incase the dns information changes.

    On my old linux box I accomplished this with two proxy instances - one transparent and one non transparent, anything not configured by the pac file was automatically redirected to the transparent proxy.  I'm not sure that is possible here.


  • No one has any idea on how to create a whitelist for non proxied or transparently proxied users, along with an authenticated proxy?
    An allias and firewall rule is probably not the solution I am looking for…

  • sure So let me get this:

    A group of users to ignore the squid proxy?

    A group of users to use squid proxy and block pages?

    LDAP? yikes :( I would rather just create a grey list