Re: [squid-users] squid 2.5 reverse proxy ACL help?

From: Chris Robertson <crobertson@dont-contact.us>
Date: Fri, 27 Oct 2006 11:51:00 -0800

Javær wrote:
> hi all,
> i have squid 2.5 set up as a reverse proxy for our mail servers (to
> avoid having to expose our mailservers to the outside world). squid is
> acting only as a reverse proxy (accelerator), and I have
> httpd_accel_with_proxy set to off.
>
> does anyone have any advice or tips for creating the ACL's so that I
> can avoid having our squid be used as an open proxy?
>
> thanks so much!

acl mailhosts dstdomain .my.webmailserver.com # Could use a "dst" acl
with the IP address
acl mailhostPort port 80 # Assuming standard HTTP port here...
http_access allow mailhosts mailhostPort # Allow anyone to connect to
*.my.webmailserver.com on port 80
http_access deny all # Deny anything else

Additional rules needed to allow SSL connections.

Chris
Received on Fri Oct 27 2006 - 13:51:10 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:05 MST