Henrik Nordstrom wrote:
>ons 2006-04-05 klockan 17:13 +0000 skrev Vadim Pushkin:
>
>
>>Also, I am able to ssh
>>out using my proxy, and I wish not to.
>>
>>
>
>Your access controls allows CONNECT to unwanted ports...
>
>Note: The suggested default rules restricts CONNECT to only two well
>known SSL ports for good reasons..
>
>Regards
>Henrik
>
>
Specifically, you've placed your http_access allow lines above the
http_access deny lines. You might benefit from perusing the FAQ on
access controls (http://www.squid-cache.org/Doc/FAQ/FAQ-10.html).
In short, if you move your network specific http_access lines below the
line that reads...
http_access deny CONNECT !SSL_Ports
... but above the line that reads...
http_access deny all
...you should be allowing just the access that you want. Also, you
might want to get rid of the http_reply_access lines that you added to
the default config.
Chris
Received on Wed Apr 05 2006 - 16:27:06 MDT
This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT