configuring squid

[Tim]

Tim:
>> But I just noticed that mine (according to the rules I read on one or
>> three websites) doesn't use local-wpad, mine's like this:
>> 
>> option wpad-curl        code 252 = text;
>> option wpad-curl       "http://proxy.example.com/wpad.dat";


Guillermo Garron:
> You can use anything i think as you are defining this on the first line.
> the secret words are (i think)
> option [anything-here] code 252 = text;
> option [the same as above] "http://proxy.example.com/wpad.dat";

Reading through the various guides, it's not exactly clear whether
clients are looking for parameters supplied with "code 252", or whether
they expect a specific option by *name*.

In any case, as we've found out, it doesn't appear to be paid attention
to, even by those who've outlayed instructions as to how to do it for
their systems.

> I have also found that is more effective to have you browsers configured 
> to look for a file with the proxy configuration.

Yes, though (as you said) that means configuring each client, then you
no-longer have the benefit of a central configuration point that can be
changed at will.

> Also configure squid as transparent proxy using IPTables.

Not something I suggest.  There are many things that just do not work
through a proxy, or the "Squid" proxy doesn't get right.  As soon as you
force a proxy on people, you break those things.  At least with optional
proxy configuration you can opt in or out of it.

e.g. We still have two Windows boxes left here.  AVG will not do its
updates through the Squid proxy.  Each and every time you try to do so,
it fails after a few KB have come through.

-- 
(Currently running FC4, occasionally trying FC5.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.