[ale] Squid Question
Christopher Fowler
cfowler at outpostsentinel.com
Fri Nov 12 15:13:47 EST 2004
On Fri, 2004-11-12 at 15:08, Yu, Jerry wrote:
> The following should be all you need to add to the default squid.conf
>
> # let squid listen to port tcp/888 [[ need an iptables hole for this port]]
> http_port 888
>
> # define access groups based on source IP
> acl vipGroup src 10.0.0.0/255.255.0.0
> acl commonerGroup src 10.17.0.0/255.255.0.0
The access group could be 0.0.0.0 it is the dst I want to control. I
do not want people using the proxy for www.google.com only machines
direclty located in the devices on WAN
>
> # set up access permission, by deny all, and permit by explict grant only
> http_access deny all
> http_access allow vipGroup
>
>
> # -----Original Message-----
> # From: ale-bounces at ale.org [mailto:ale-bounces at ale.org]On Behalf Of
> # Christopher Fowler
> # Sent: Friday, November 12, 2004 2:54 PM
> # To: ale at ale.org
> # Subject: [ale] Squid Question
> #
> #
> # I'm confused by the squid conf. I want to setup my proxy to
> # only allow
> # access to machines on 10.0.X.X subnets. Can someone give me
> # a pointer?
> #
> #
> # Thanks,
> # Chris
> #
> # _______________________________________________
> # Ale mailing list
> # Ale at ale.org
> # http://www.ale.org/mailman/listinfo/ale
> #
More information about the Ale
mailing list