Re: [squid-users] Please! Please! Someone Answer, Squid is killing Me

From: Razvan Cosma <razvan.cosma@dont-contact.us>
Date: Tue, 05 Mar 2002 13:29:50 +0200

Simon White wrote:

> If you get 2 messages that's normal, because the messages go to you
> directly and to the list, of which you are a member.
 It is normal, but annoying.

 
> Let me be clear about the rules you need:
> FORWARD
> src: your_lan dest: anywhere port: 3128, 8080 -> DROP
> INPUT
> src: your_lan dest: squid port: 3128, 8080 -> ACCEPT
>
> Is that what you have?
Yes

 
> Remember that iptables is source/destination IP based so you just allow
> squid then there's no problem. Squid will not make OUTGOING connections on
> the ports 3128 and 8080 but on port 80, so Squid has to have port 80
> access.

squid WILL make outgoing connection to port 8080, unless instructed
otherwise.
if i comment out the http_access deny proxy1, i can connect to ... one
second... found: http://www.nhc.rtp.nc.us:8080 and that I do NOT want,
since it means I can also connect to an external proxy server and bypass
all my restrictions.

-- 
            Razvan Cosma
SysAdmin Telemach SRL Piatra Neamt
    razvan.cosma@catv.telemach.ro
    Linux Registered User #239230
Received on Tue Mar 05 2002 - 04:29:52 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:42 MST