I had previously said to use ipfw or ipchains to create a rule that
drops packets destined for the port, or restrict in the Linux firewall
instead of at the service level.
Isn't it better to have data dropped from the network layer (layer 3
filtered) rather than let an independent service manage its access? My
idea is why let a possible attacker hack and hack away at a service till
they get in (buffer overflow) when you can just drop all packets at
layer 3 with source external to LAN. An attacker never gets to try or
attempt to hack away at your service.
Am I out on a limb here? Anyone agree or disagree?
-----Original Message-----
From: Ehsan Lesani [mailto:ehsan@safineh.net]
Sent: Monday, August 18, 2003 8:13 AM
To: franklin.lecointre@iga-pegase.fr
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] dont want to share the cache
You can do it by http_access and acls in squid.conf.
Best Regards.
Ehsan Lesani
----- Original Message -----
From: franklin LECOINTRE
To: squid-users@squid-cache.org
Sent: Monday, August 18, 2003 4:31 PM
Subject: [squid-users] dont want to share the cache
hello,
I want to restrict the squid cache I have to the users of my network,
and I don't want somebody on Internet use it.
How can I do this?
Thanks
Franklin LECOINTRE
Received on Mon Aug 18 2003 - 11:36:34 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:57 MST
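
The two layers discussed in this thread can be combined rather than chosen between. The fragment below is an added example, not configuration from any of the posters; the LAN range 192.168.1.0/24, the proxy's inside address 192.168.1.1, port 3128 and the external interface name eth0 are assumptions.

```conf
# squid.conf (service layer) -- constructed example, addresses are assumptions

# Listen only on the LAN-facing address, so the proxy port is not bound
# on the Internet-facing interface at all.
http_port 192.168.1.1:3128

# Name the LAN as an ACL. The "all" ACL used below is defined in the
# default squid.conf of older releases and is built in on newer ones.
acl localnet src 192.168.1.0/255.255.255.0

# http_access lines are checked top to bottom and the first match wins,
# so the allow for the LAN must come before the final deny.
http_access allow localnet
http_access deny all

# Network layer, applied on the same host with ipchains (one of the
# tools named in the thread). Shown as a comment because it is a shell
# command, not a squid.conf directive:
#
#   ipchains -A input -i eth0 -p tcp -s ! 192.168.1.0/24 \
#            -d 0.0.0.0/0 3128 -j DENY
#
# With this rule, TCP packets for port 3128 that arrive on eth0 from a
# source outside the LAN are dropped before Squid sees them. The ACLs
# above still apply if the rule is flushed or the firewall is not
# loaded after a reboot.
```

After editing squid.conf, `squid -k parse` checks the file for syntax errors and `squid -k reconfigure` applies it to the running proxy.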