At 02:21 AM 21/10/98 +0000, roddy@satlink.com.au wrote:
>Hi,
> We are going to be upgrading to squid 2 . I was wondering how can
>i get it to stop allowing external proxy access. I have gone through my
>config and checked everything, but when ppl telnet to my proxy port it
>still allows ppl in from outside our class c, in squid 2, where can i
>change this setting.
Squid shouldn't honour thier HTTP request if you've set it up correctly
(they'll be able to telnet to the port, but they get access denied) : this
is represented in the ACLs:
acl all 0.0.0.0/0.0.0.0
acl Access_Granted x.x.x.x/xxx.xxx.xxx.xxx xx.xx.xx.xx/xxx.xxx.xxx.xxx
http_access deny all !Access_Granted
The same could be said for ICP, though a different acl for that would be
needed if you have any siblings.
However, if on the other hand you want to completely cut off your port from
outside requests (port 3128 or whatever) squid cannot do this - you'll have
to impliment a firewall rule and filter it out - you can use ipfwadm and
linux (compiled correctly) for this.
Regards
-- This message is Copyright (C) 1998 by Karl Ferguson Tower Networking Pty Ltd t/a STAR Online Services Tel: +61 8 9355-0000 Fax: +61 8 9355-0033Received on Tue Oct 20 1998 - 21:30:27 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:42:37 MST