on Sun, Aug 03, 2003 at 08:24:14PM +0100, Pigeon ([EMAIL PROTECTED]) wrote: > On Sat, Aug 02, 2003 at 09:18:22PM -0700, Paul Johnson wrote: > > On Fri, Aug 01, 2003 at 06:14:12PM +0100, Pigeon wrote: > > > In order to make it work, I didn't have to touch anything in squid's > > > own config, just put appropriate gateway entries in the machines' > > > /etc/network/interfaces and proxy entries in my browser's proxy config. > > > > Well, if you've got a beefy gateway, you could move the adzapping > > squid there, then use iptables to make it a transparent proxy and save > > yourself the trouble of having to point everything at the proxy. > > So, given that squid-on-a-firewall is apparently a negligible security > risk, this is all about ease of configuration, rather than performance > once configured? Cool, I know what I'm dealing with now. > > The "new" gateway is a 120MHz Pentium with 40MB RAM, which should just > about handle squid/adzapper. Previously I was using a 600MHz/128MB > box, which ended up having loads of other services on it to make good > use of its capacity, hence the decision to move the security function > to a separate box.
Incidentally, how much space are you dedicating to your Squid cache? I know that this can't be assigned directly, so either the segment size, or net use (du -s on cache) would be useful. Peace. -- Karsten M. Self <[EMAIL PROTECTED]> http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? Windows Refund Day II: fight for your right to refund http://www.windowsrefund.net/
pgp00000.pgp
Description: PGP signature
