Re: [squid-users] What's with "Safe_ports"?

From: Marc van Selm <marc.van.selm@dont-contact.us>
Date: Tue, 29 May 2001 10:43:50 +0200

For whatever reason some people run web-servers on silly ports. If you want
them to be accessible via Squid you have to mark them as safe. You can also
decide, for whatever good reason, that they are not safe and you do not
want to support these ports. In that case remove them from the safe_ports acl.

Marc

At 09:06 PM 5/28/01 -0700, Steve Snyder wrote:
>I'm a little unclear on what the lines below, as seen in the default
>squid.conf, are supposed to do.
>
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
>
>The first line is understandable; we're caching HTTP traffic, therefore
>port 80 must be accessible. But what's the story on the remaining lines?
>Why is SHTTP, which is unsupported by Squid, considered safe? Why is
>FileMaker, of all things, considered safe for use by Squid?
>
>Given that all I care about is HTTP traffic, is there any reason I
>shouldn't delete all but the first of these lines?
>
>Thank you.

---------------------------------------------------------
Marc van Selm
NATO C3 Agency, CSD/A

*********************************************************
** All statements in this mail are made from my own **
** personal perspective and do not necessarily reflect **
** my employer opinions or policies. **
*********************************************************
Received on Tue May 29 2001 - 02:43:59 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:19 MST