> Amos Jeffries wrote: >> stephane lepain wrote: >>> Hi, >>> >>> I have given access to my router webpage configuration from my squid >>> server by adding in >>> *cache_peer 192.168.1.1 parent 3128 3130 login=PASS* >>> That is great because now I can access my router webpage >>> configuration from my server without any problems. >>> Sometimes, I need to access my router on a different PC which is just >>> a client. What can I add into my configuration squid.conf to make >>> that work? >> >> If you have an assigned domain name for your router you can restrict >> only that domain to be redirected to that peer. >> >> Or if the IPs are fixed, you can restrict only the IPs you are going >> to connect to the router from as acceptable sources for the requests >> to the peer. >> >> It's a little weird that you have (only?) proxy-HTCP and ICP access to >> your router for admin. But its your config and you did not post the >> other details, so.... >> >> Amos > Hi Amos, > > Yes I do have a domain (macitos.fr) and all the IPs are fixed. My goal > here is to access my router from another PC which is just a client and > has 192.168.1.8 for fix ip. With the config below I can access my router > from my server with fix ips 192.168.1.6/7 > > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 # https > acl SSL_ports port 563 # snews > acl SSL_ports port 873 # rsync > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl Safe_ports port 631 # cups > acl Safe_ports port 873 # rsync > acl Safe_ports port 901 # SWAT > acl purge method PURGE > acl CONNECT method CONNECT > acl MyNetwork src 192.168.1.0/24 > acl xchat port 6667 acl admin src 192.168.1.8 127.0.0.1 > > http_access allow manager localhost > http_access deny manager > http_access allow purge localhost > http_access deny purge > http_access allow CONNECT xchat > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access deny to_localhost > http_access allow MyNetwork > http_access allow localhost > http_access deny all > > icp_access allow all > > http_port 3128 > > cache_peer 192.168.1.1 parent 3128 3130 login=PASS cache_peer access 192.168.1.1 allow admin cache_peer_acces 192.168.1.1 deny all > > acl QUERY urlpath_regex cgi-bin \? > cache deny QUERY > > header_access From deny all > header_access Referer deny all > header_access Server deny all > header_access User-Agent deny all > header_access WWW-Authenticate deny all > header_access Link deny all > That should do it. Amos
