david@xxxxxxxxxxxxxxxx wrote:
I am running: a Linux router/gateway, heavily firewalled (iptables) but with the attack I installed Squid. I created two system files with ACLs to match: bad_src_ip and bad_url_regex. From the Linux box ps shows that squid is running but the logs show no activity at all albeit OK access or error. Moreover, I can ping and tracert to the URLs and IPs I think I am blocking.
Have you set up squid as a transparent proxy? Squid won't be used by
clients that don't specifically ask to use it, unless you redirect
traffic to it with iptables.
TB
**********************************************************************
This message is intended for the addressee named and may contain
privileged information or confidential information or both. If you
are not the intended recipient please delete it and notify the sender.
**********************************************************************