[K12OSN] Squid / Socks

Josiah Ritchie jritchie at bible.edu
Wed May 19 12:18:31 UTC 2004

On Wed, 2004-05-19 at 08:00, daniel.hunt at iibbank.ie wrote:
> From: Les Bell [mailto:lesbell at lesbell.com.au]
> >>
> > I know that Squid is a simple http proxy - what I'm looking for is a
> > complete proxy system ... that can help filter everything including (but
> > not
> > limited to) IM applications / browsers / other stuff :p / etc
> > <<
> > Almost by definition, there's no such thing. For application layer
> > protocols, because there are so many of them and they work so differently
> > (compare FTP and Real Audio, for example), you need a different proxy
> > server for each protocol. Squid is unusually sophisticated in being both
> an
> > http and ftp proxy (as well as wais). Everything else, you deal with on a
> > protocol-by-protocol basis, or you use a transport-layer approach like
> > socks, or you do packet filtering on ip addresses, protocols, port numbers
> > and flags.
> Ah .. I didnt know that ..
> I thought I could just slap a redhat box between my lan and my router with
> squid and a socks5 server and it'd stop all those nasty mp3's being sent by
> my sister to her friends ;)

:-) That's not an easy task at all. Even if you track down the port it
works on, it's likely to change ports again each time you track it down.
You could block all but valid ports (we're talking iptables now) and
then it would take awhile until it found and operated on one of the open
ports. Better, just block the IP address, but I don't want to start a
family feud. :-)


More information about the K12OSN mailing list