Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 14 Sep 2014 13:47:48 -0600
From:      Dave Babb <dcbdbis@comcast.net>
To:        Odhiambo Washington <odhiambo@gmail.com>
Cc:        User Questions <freebsd-questions@freebsd.org>
Subject:   Re: Proxy Server Question
Message-ID:  <5415F0E4.5070004@comcast.net>
In-Reply-To: <CAAdA2WO3dV2v65_9w_diD40DBi9nU85RHERMsXarY0HF7XKbqg@mail.gmail.com>
References:  <5415DE49.9070500@comcast.net> <CAAdA2WPFkOhC+vRQBVx9oLchM-xSD9vaFUgL0s9R1K+1sRCuQA@mail.gmail.com> <5415E165.8060508@comcast.net> <CAAdA2WO3dV2v65_9w_diD40DBi9nU85RHERMsXarY0HF7XKbqg@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Thank you for the reply... I do appreciate feedback.

The proxy server in the FreeBSD box is the failover. The city has 
purchased a physical firewall appliance to bolt to the wall...And in 
case it fails......the server will be backup. There will be no automatic 
failover.....by design.

This is a small city of < 2k people. City users < 10.

I have already read about squid.....The main purpose of the email was to 
ascertain which proxy server is considered "best practice" in the 
FreeBSD world. I'll configure it all...I just don't want to deploy a 
package that the FreeBSD community would consider "bad form".

I come from a 20+ year relationship with Linux......I fired Linux as a 
technology in Q1 of this year (long story)...including for my clients. I 
am < 1 year on FreeBSD. So what I know in Linux... I have come to 
understand does not necessarily apply to FreeBSD.

This particular subject is my due-dilligence to ensure I am deploying a 
mainstream proxy as the FreeBSD community would define it.

Again, Thank you for your reply,


Sincerely and respectfully,


Dave

On 09/14/14 13:08, Odhiambo Washington wrote:
>
>
> On 14 September 2014 21:41, Dave Babb <dcbdbis@comcast.net 
> <mailto:dcbdbis@comcast.net>> wrote:
>
>     OK. fair enough.
>
>     Project: I have been awarded a project in which I am changing out
>     an entire cities infrastructure to be based upon FreeBSD. They
>     will have their ISP demark, which then gets fed into a physical
>     firewall appliance bolted to the wall, which then feeds the
>     FreeBSD server containing the proxy server into NIC #0.
>
>     NIC #1 (on a different subnet) will then feed the attached devices
>     of the city, PC's, smart devices, printers via a 16 port switch.
>
>     The purpose of the proxy servers is to put a configurable layer of
>     proxy between the average city user, and the internet at large.
>     Currently the city is infected with a lot of Windows virus',
>     mainly do to the users (at this time) having unmanaged, unfiltered
>     access to the Internet.....
>
>
> So, besides the proxying, what else do you want to achieve in the 
> FreeBSD box? How many users are you looking at handling on your 
> network? Squid will be able to do the proxying for you, but what else 
> you need to achieve, with the number of client devices you expect to 
> handle simultaneously will determine what you will install and the 
> sizing of this proxy machine. Besides, you will also need failover for 
> this machine so that you minimize on downtime. I am thinking a good 
> start will be thinking of an appliance - like those done by the 
> pfSense <http://www.pfsense.org>; guys. If you are not going for an 
> appliance and want to get your hands dirty, you can do it too, though 
> with a city, I am sure there is a budget for a suitable appliance. My 
> advise - head over to the pfSense forums for a solution.
>
>
> -- 
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254733744121/+254722743223
> "I can't hear you -- I'm using the scrambler."




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?5415F0E4.5070004>