Hi, fooler wrote: > chris robertson already gave you the answer to bind squid with localhost > (127.0.0.1:3128) if you dont want both the external and internal clients > to see tcp port 3128... > Yes, I can see the idea behind that. However, I think it must be possible and much simpler to have Netfilter drop external requests to port 3128. I'm trying to find out how to do that. > you said that you dont want the external clients see tcp port 3128 and you > have two ethernet cards... bind your squid to your second network card > having a *private* ip address while your first network card have a public > ip address... > I have one card (eth0, 192.168.1.254) connected to an adsl router and another (eth1, 192.168.2.1) connected to my lan network. Squid should only work on the lan -- there are no incomng connections. Binding Squid to 127.0.0.1 will bind it to ... what exactly? I'm sorry, I'm new to this. Can you explain your idea in terms of my configuration? Thanks, Niels
