To enable logging, the manual states that:
2.1.3 Logging
When it encounters a difficulty, Polipo will print a friendly message.
The location where these messages go is controlled by the
configuration variables logFile and logSyslog. If logSyslog is true,
error messages go to the system log facility given by logFacility. If
logFile is set, it is the name of a file where all output will
accumulate. If logSyslog is false and logFile is empty, messages go to
the error output of the process (normally the terminal).
The variable logFile defaults to empty if daemonise is false, and to
‘/var/log/polipo’ otherwise. The variable logSyslog defaults to false,
and logFacility defaults to ‘user’.
If logFile is set, then the variable logFilePermissions controls the
Unix permissions with which the log file will be created if it doesn’t
exist. It defaults to 0640.
The amount of logging is controlled by the variable logLevel. Please
see the file ‘log.h’ in the Polipo sources for the possible values of
logLevel.
Keeping extensive logs on your users browsing habits is probably a
serere violation of their privacy. If the variable scrubLogs is set,
then Polipo will scrub most, if not all, private information from its
logs.
Following on from that, log.h (from here) has the following levels:
#define L_ERROR 0x1
#define L_WARN 0x2
#define L_INFO 0x4
#define L_FORBIDDEN 0x8
#define L_UNCACHEABLE 0x10
#define L_SUPERSEDED 0x20
#define L_VARY 0x40
#define L_TUNNEL 0x80
#define LOGGING_DEFAULT (L_ERROR | L_WARN | L_INFO)
#define LOGGING_MAX 0xFF
So, for example, if you wanted to see all of the log messages in a file, the recommended configuation is (in /etc/polipo/config
):
logFile=/var/log/polipo
logLevel=4
From my Linux workstation, the only application that can access the
internet are a) Firefox (using its own proxy configuration and
authentication stored in Firefox), as well as applications running in
a Windows VM (Note - the windows VM is a domain member and the user
authenticates against the domain when logging in)
Solution option: Run a web proxy on your windows VM. Setup your system to use that instance as your proxy.
Since your Windows VM is already authenticated and traffic is allowed through it, setting up a SOCKS proxy on that VM instance will centralized your authentication needs. If it is just for you and your boxes, this should be fine and is probably fairly straightforward.
Piggybacking on this idea is to get an SSHD daemon running on the Windows VM so you can do things like SSH SOCKS tunnels from your other boxes through the VM:
ssh -D 1080 windows-user@windows-vm
For those apps that may have problems or where you don't want to reconfigure the apps, you can make use of sshtunnel, which will setup iptables rules to route traffic. Works for Linux and Mac systems.
If you need to avoid installing a proxy on the Windows VM itself, you can setup a Squid proxy box configured to authenticate itself against the windows AD. A guide on doing that located here:
Solution option: Squid Proxy Authenticated via AD/NTLM
http://techmiso.com/1934/howto-install-squid-web-proxy-server-with-active-directory-authentication/ (dead link)
Another NTLM proxy solution, though I think this one actually runs on a Windows machine:
Solution option: NTLM proxy
http://cntlm.sourceforge.net/
Best Answer
If you disconnect from, and then reconnect to, the network, the system will have to detect your new network settings. Presumably this must include the proxy settings.