Re: [suse-linux-uk-schools] Removing proxy from OO
It appears that the school has probably got the caching and firewall on the same machine. I don't run a Linux box as a proxy but have an ISA box on an AD domain (approx 300 machines and 1300 users). The server is multihomed with an internal and external interface. Access is only permitted through the ISA server if both the user and the station the user is using are in the correct groups. We have another group that is www-disabled that overides the other two. The permissions are set at the access policy level, but can be tied down to a particular protocol, etc. I am sure the same can be done with a Linux Proxy. The benefits of the above is that the user cannot bypass the proxy to get access to the Internet, and the same settings apply to all applications. ---------- Original Message ---------------------------------- From: Darren Jones <darren@uctc.e-sussex.sch.uk> Date: Tue, 28 Feb 2006 11:03:40 +0000
I found the proxy settings in a file called Inet.xcs and was able to lock down those settings by editing it in 'C:\Program Files\OpenOffice.org 2\share\registry\schema\org\openoffice' or /usr/lib/ooo-2.0/share/registry/schema/org/openoffice/Inet.xcs' This prevents the proxy settings from being changed
Darren
Paul Taylor wrote:
HI all:
We are close to rolling out OO2 on the network, but the network manager is paranoid that students who are in the banned list of internet users will be able to bypass this by setting the proxy settings in OO2 manually (we currently have doze desktops on top of Netware). We have found, we think, the main xml that controls settings, but can't find any reference to the proxy. Does anyone know how to block this out of the options window?
Paul
-- To unsubscribe, e-mail: suse-linux-uk-schools-unsubscribe@suse.com For additional commands, e-mail: suse-linux-uk-schools-help@suse.com
-- Geoff Goode Catholic High School, Chester -- ********************************************************************** Note : This E-Mail is sent in confidence for the addressee only. Unauthorised recipients must preserve this confidentiality and should please advise the sender immediately by telephone and then delete the message without copying or storing it or disclosing its contents to any other person. We have taken all reasonable precautions to ensure that no viruses are transmitted to any third party. Any liability (in negligence or otherwise) arising from any party acting, or refraining from acting on any information contained in this e mail is hereby excluded. Should you communicate with anyone at this address by e-mail, you consent to us monitoring and reading any such correspondence. Printing this email? Please think environmentally and only print when essential! **********************************************************************
--- Goode <Goodeg@admin.chsc.cheshire.sch.uk> wrote:
It appears that the school has probably got the caching and firewall on the same machine. I don't run a Linux box as a proxy but have an ISA box on an AD domain (approx 300 machines and 1300 users). The server is multihomed with an internal and external interface. Access is only permitted through the ISA server if both the user and the station the user is using are in the correct groups. We have another group that is www-disabled that overides the other two. The permissions are set at the access policy level, but can be tied down to a particular protocol, etc. I am sure the same can be done with a Linux Proxy.
Yes, it could. Squid has support for limited ACLs, although squid coupled with SquidGuard is probably the better way to go. Doubtless some people here will advocate the use of 'censornet' -- this too will do what you want.
The benefits of the above is that the user cannot bypass the proxy to get access to the Internet, and the same settings apply to all applications.
That "benefit" is more a characteristic of *having* the appropriate technologies in place and configured -- it's not a benefit specific to a certain application. Please also refrain from top-posting. -- Thomas Adam "The Linux Weekend Mechanic" -- http://linuxgazette.net "TAG Editor" -- http://linuxgazette.net "<shrug> We'll just save up your sins, Thomas, and punish you for all of them at once when you get better. The experience will probably kill you. :)" -- Benjamin A. Okopnik (Linux Gazette Technical Editor) ___________________________________________________________ Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
participants (2)
-
Goode -
Thomas Adam