Simon White wrote:
> If you get 2 messages that's normal, because the messages go to you
> directly and to the list, of which you are a member.
It is normal, but annoying.
> Let me be clear about the rules you need:
> FORWARD
> src: your_lan dest: anywhere port: 3128, 8080 -> DROP
> INPUT
> src: your_lan dest: squid port: 3128, 8080 -> ACCEPT
>
> Is that what you have?
Yes
> Remember that iptables is source/destination IP based so you just allow
> squid then there's no problem. Squid will not make OUTGOING connections on
> the ports 3128 and 8080 but on port 80, so Squid has to have port 80
> access.
squid WILL make outgoing connection to port 8080, unless instructed
otherwise.
if i comment out the http_access deny proxy1, i can connect to ... one
second... found: http://www.nhc.rtp.nc.us:8080 and that I do NOT want,
since it means I can also connect to an external proxy server and bypass
all my restrictions.
--
Razvan Cosma
SysAdmin Telemach SRL Piatra Neamt
razvan.cosma@catv.telemach.ro
Linux Registered User #239230
Received on Tue Mar 05 2002 - 04:29:52 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:42 MST