[ale] Squid Question
Yu, Jerry
Jerry.Yu at Voicecom.com
Fri Nov 12 15:22:35 EST 2004
acl can be defined by src as well as by dst. the rest goes the same.
for more funky def of ACL, refers to comments in ACL secion inside
squid.conf
# -----Original Message-----
# From: Christopher Fowler [mailto:cfowler at outpostsentinel.com]
# Sent: Friday, November 12, 2004 3:13 PM
# To: Yu, Jerry
# Cc: 'Atlanta Linux Enthusiasts'
# Subject: RE: [ale] Squid Question
#
#
# On Fri, 2004-11-12 at 15:08, Yu, Jerry wrote:
# > The following should be all you need to add to the default
# squid.conf
# >
# > # let squid listen to port tcp/888 [[ need an iptables
# hole for this port]]
# > http_port 888
# >
# > # define access groups based on source IP
# > acl vipGroup src 10.0.0.0/255.255.0.0
# > acl commonerGroup src 10.17.0.0/255.255.0.0
#
# The access group could be 0.0.0.0 it is the dst I want to control. I
# do not want people using the proxy for www.google.com only machines
# direclty located in the devices on WAN
#
#
# >
# > # set up access permission, by deny all, and permit by
# explict grant only
# > http_access deny all
# > http_access allow vipGroup
# >
# >
# > # -----Original Message-----
# > # From: ale-bounces at ale.org [mailto:ale-bounces at ale.org]On Behalf Of
# > # Christopher Fowler
# > # Sent: Friday, November 12, 2004 2:54 PM
# > # To: ale at ale.org
# > # Subject: [ale] Squid Question
# > #
# > #
# > # I'm confused by the squid conf. I want to setup my proxy to
# > # only allow
# > # access to machines on 10.0.X.X subnets. Can someone give me
# > # a pointer?
# > #
# > #
# > # Thanks,
# > # Chris
# > #
# > # _______________________________________________
# > # Ale mailing list
# > # Ale at ale.org
# > # http://www.ale.org/mailman/listinfo/ale
# > #
#
More information about the Ale
mailing list