Re: log & deny direct web access


Reinhard Haller wrote:
> Hi,
>
> I want to log direct web access over port 80 from misconfigured software update processes etc.
>
> The firewall logged a lot of access over port 80, the reverse lookup of the used addresses is almost
> useless. Therefore I changed the configuration:
>
> pf redirects all connect requests for port 80 to port 3128
>
> #added to squid.conf
> http_port 127.0.0.1:3128 transparent
> acl forwardport myport 3128
> acl forwardip myip 127.0.0.1/255.255.255.255
> http_access deny forwardip forwardport
> # allow access to internet
> http_access allow our_networks !ebay !useragent
>
> Problem: squid 3.0pre6 now works as a perfect transparent proxy.
>
> What's wrong?
>

I'd say you have mistaken the phrase 'redirects all traffic to a local port' in the REDIRECT documentation as meaning 'localhost port', when in fact it just means 'a local-machine port'.

Think of the REDIRECT as a diversion making the client request from squid, not some other machine. The client just doesn't know it.

Amos
