Search squid archive

Re: One Squid and 2 DG Connection Restriction Howto ??

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Chris,
I've already tried that config. It does not work for my config because
I am using xforwardedfor setting. Therefore Squid recognize all
clients with their internal IP adresses. So i have to allow my network
address to connect squid. This causes any client capable of changing
proxy settings may connect Squid directly instead of DG which is not
desired. In scenario, using only 1 computer with squid and DG
installed, there is nothing to worry about. Because http_port is
127.0.0.1:3128 so only local DG can connect. However if 2. DG tries to
connect, i have to change http_port to 3128 only.
So, i assume http_port settings may be the answer. So is there an answer?

On 8/11/06, Chris Robertson <crobertson@xxxxxxx> wrote:

Birol AKBAY wrote:
> Hi,
> I have 2 computers, let say
> A :192.168.0.10
> and
> B : 192.168.0.11
>
> For A,
> Squid 2.6 Stable1, DG 2.9.7.1  are installed.
>
> For B,
> Only DG 2.9.7.5 is installed.
>
> My purpose is;
> Squid must listen only 127.0.0.1:3128(for comp. A) and 192.168.0.28
> for requests from Computer B's IP. Other connection requests should be
> discarded. All requests should be forwarded to squid from DG installed
> on A and B.
>
> To do this;
> I changed http_port to 3128 from 127.0.0.1:3128. In this case, any
> client who can change his/her proxy settings is able to connect proxy
> directly.(As expected) This works, but not suitable for my purpose.
>
> What will be the correct conf?
For what it's worth, I have not migrated to Squid 2.6 yet.  These
instructions may not work.

This is extremely simplified, but...

acl DansB src 192.168.0.11
http_access allow DansB
http_access allow localhost
http_access deny all

...should cover your needs.  Placement in a full squid.conf is left as
an exercise for the reader (Hint 1: keep the http_access lines listed as
a group.  Hint 2: the http_access deny all should already be part of
your squid.conf).
>
> A simple diagram for struc.
> -----------------------------------------------
>
> Client Group 1 ---------------->   B
>                                           |
> Client Group 2 ---------------->   A ----- Internet
>
>
Chris




--
Birol AKBAY
birolakbay@xxxxxxxxx
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux