Specifications
ident_lookup_access allow hacl_namei With this, you will manage to have
an ident request run through for all ACL-defined clients to find out
each user’s identity. If you apply all to the hacl_namei, this will be
valid for all clients. Also, an ident daemon must be running on all
clients. For Linux, install the pidentd package for this purpose. For
Windows, there is free software available to download from the Inter-
net. To ensure that only clients with a successful ident lookup are per-
mitted, a corresponding ACL will also have to be defined here:
acl identhosts ident REQUIRED
http_access allow identhosts http_access deny all
Here, too, replace the REQUIRED with a list of permitted user names.
Using ident can slow down the access time quite a bit, because ident
lookups will definitely be repeated for each request.
Transparent Proxy Configuration
The usual way of working with proxy servers is the following: the web
browser sends requests to a certain port in the proxy server and the proxy
provides these required objects, whether they are in its cache or not. When
working in a real network, several situations may arise:
For security reasons, it is recommended that all clients use a proxy to
surf the Internet.
All clients must use a proxy whether they are aware of it or not.
In larger networks already using a proxy, it is possible to spare yourself
the trouble of reconfiguring each machine whenever changes are made
in the system.
In all these cases, a transparent proxy may be used. The principle is very
easy: the proxy intercepts and answers the requests of the web browser, so
that the web browser receives the requested pages without knowing where
they are coming from. This entire process is done transparently, hence the
name.
178 Transparent Proxy Configuration