...
2013-01-04 Shame on me... I didn't test properly 
, but tinyproxy but the good news is that tinyproxy does work on both protocols 
...
meant that it didn't listen on v4... but I was wrong. In summary:
| Code Block | ||
|---|---|---|
| ||
Listen :: #This will accept connections on IPv6, but also on IPv4: IPv4-mapped IPv6 addresses are used: #CONNECT Jan 04 15:29:13 [23566]: Connect (file descriptor 6): host.terena.org [::ffff:192.87.30.2] Listen 0.0.0.0 # This will listen on IPv4 only Listen 2001:610:148:dead::666 # This will listen only on the specified IPv6 address. Not nice, but workable. |
...
| Code Block |
|---|
^(.*\.|)(s-)?microsoft\.com$ ^(.*\.|)windowsupdate\.com$ ^(.*\.|)microsoftupdate\.com$ ^(.*\.|)secunia\.com$ ^(.*\.|)vmware\.com$ ^(.*\.|)msftncsi\.com$ ^(.*\.|)public-trust\.com$ ^(.*\.|)thawte\.com$ |
Monitoring
To keep an eye on any refused domain that your hosts might try to access, run this script every morning, after the log files have been rotated (7AM on Ubuntu systems is good):
...