Re: Help

From: Juan A. Becerril Castillo <jabc@dont-contact.us>
Date: Tue, 04 Jan 2000 09:31:23 -0600

Duane Wessels wrote:
>
> On Tue, 4 Jan 2000, Thomas Wahyudi wrote:
>
> > > #Default configuration:
> > > http_access allow manager localhost
> > > http_access deny manager
> > > http_access deny !Safe_ports
> > > http_access deny CONNECT !SSL_ports
> > > #
> > > # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
> > > #
> > > http_access deny all
> >
> > ^^^^^^^^^^^^^^^^^
> >
> > i believe this is the reason
> > =)
> >
> > change to http_access allow all
>
>
> No, do not change it to "allow all".
>
> If you do that, then anyone will be able to use your proxy
> cache. Eventually your cache will end up on the "open proxy list"
> and you will be proxying traffic from all over the world.
>
> Duane W.

Ok... good reason.

This config work fine in my squid...

#Defaults:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl CONNECT method CONNECT
acl localhosts src 192.168.0.0/255.255.0.0

# TAG: http_access
#
#Default configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow localhosts
http_access deny all

Thanks for all...
Received on Tue Jan 04 2000 - 08:41:59 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:13 MST