Hi everyone,
I'm running Squid 3.1 in Interception mode that is set to intercept
traffic to a list of 10 websites.
One security concern I have is that anyone in my ACL can enter my
proxy IP and port in their browser and use it as a regular proxy.
Is there a way to disable this access? If I can disable this access,
no one can abuse my service because I can control what dstDomains will
use my proxy.
This is my current setup:
acl allowed_IP src IP
http_access allow allowed_IP
http_access deny all
Only Domains want to allow access:
acl allowed_domains dstdomain
If it's not theoretical possible, how can I write an ACL combo that
only allow "allowed_ip" to access "allowed_domains" instead of
accessing everything once it's allowed?
Thanks!
Received on Thu Jun 09 2011 - 11:11:12 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 10 2011 - 12:00:01 MDT