Grex Garage Conference

View Responses

Grex Garage Item 21: Squid Firewall for Grex
Entered by nharmon on Sat Dec 3 02:04:52 UTC 2005:

The latest Grex BoD minutes talks about using a seperate machine running
Squid as a firewall. I'm assuming squid would only be used to stop
outgoing attacks originating from Grex. How would we use squid as an
incoming firewall as well?

6 responses total.

#1 of 6 by gull on Tue Dec 13 21:01:41 2005:

Squid isn't a firewall, it's a web proxy. You can use the same machine as a squid proxy and a router/firewall, though.

#2 of 6 by saw on Tue Mar 28 20:33:08 2006:

Anything new on this?

At work, we have the same type of setup ... a single Debian box
that acts as our firewall (for our servers), NAT (for our corporate
network), VPN server (for employees to login remotely), and Squid
proxy.  Works nicely.  It's only gone down once in about two
years -- when I shut it down to move it to our current location.

Squid could be handy in conserving bandwidth for Grex, or limiting
what sites can be visited by users, etc.

#3 of 6 by nharmon on Tue Mar 28 21:26:58 2006:

Do you do any authentication on squid, saw?

#4 of 6 by tod on Tue Apr 4 18:27:38 2006:

One could use IPCHAINS on their Vic-20.
Meet me by the swings, Jimmy

#5 of 6 by saw on Fri Sep 8 20:30:03 2006:

We *had* authentication at one time, using some hack that was supposed
to do NTLM auth for our Windoze users.  Didn't work too well.

As of now, we have no authentication on it.  However, that said, we
do have ACLs in place to prevent unauthorized use.  (Only internal
LAN IPs can use it, VPN IPs can use it, and a *few* selected external
IPs can go through it.)

#6 of 6 by tod on Sat Sep 9 15:33:31 2006:

re #2
Where do you work again?  >;)

Response not possible - You must register and login before posting.