Seonkyu Park wrote: > Hello Squid users. > > I am using squid for server accelerator. > > But my squid server used by someone's transparent proxy. > (My server IP address listed by http://www.proxy-list.net/transparent-proxy-lists.shtml ) > Also listed by google link (PROXY LISTS - Free Anonymous Proxies and Proxy Tools) > > Is It possible? > Plz help on my squid.conf ( for reverse proxy) > -------------------------------------------------------- > http_port 80 vhost > icp_port 0 > cache_peer 111.111.111.1 parent 80 0 no-query originserver no-digest > cache_peer_domain 111.111.111.1 www.abc.com > hierarchy_stoplist cgi-bin ? > acl QUERY urlpath_regex cgi-bin \? > cache deny QUERY > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl purge method PURGE > acl CONNECT method CONNECT > acl port80 port 80 > > http_access allow port80 > Ouch. Any access to any server on port 80 is allowed. Try the following acl/http_access combo (as mentioned in an other reply) instead: acl accelHost dst 111.111.111.1 > http_access allow manager localhost > http_access deny manager > http_access allow purge localhost > http_access deny purge > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access allow localhost > http_access allow accelHost > http_access deny all > http_reply_access allow all > -------------------------------------------------------- > The order being of great importance. > And I checked my squid logs. > (cd /var/log/squid ; grep -v abc.com access.log* | grep -v 503 | grep -v TCP_DENIED) > > I found that my squid server (server accelerator) used by someone's proxy server. > > (219.136.189.213 - - [08/Nov/2007:15:30:35 +0900] "GET http://www.baidu.com/ HTTP/1.0" 200 4082 "-" "-" TCP_REFRESH) > > How can I block it ? > > > Plz help. > Chris
