Merdouille wrote:
Hi
i use a transparent squid proxy and i want :
- access as manager with squidclient from localhost only
== http_access allow manager localhost
- allow only computer from localhost to go every where
== http_access allow locahost
These ACL you ask about are the basic default install configurations for
Squid.
Please see squid.conf.default for the rest of the critical security
settings you need to be using.
or as listed in the demo 3.1 config at:
http://wiki.squid-cache.org/SquidFaq/ConfiguringSquid
Amos
My ACLs :
#============== ACL
# nom type
acl all src all
acl port port 82
acl localnet src 192.168.100.0/192.168.100.255
"192.168.100.255" is not a valid network mask.
Please use:
192.168.100.0/24
acl manager proto cache_object
acl PROTO proto http
acl METHOD method GET
acl localhost src 127.0.0.1
I try :
http_access allow localhost manager
http_access allow localnet port !manager
http_access deny all !port !PROTO !METHOD
but manager can acces from every IP of localnet
I try :
http_access allow localnet port !manager
http_access deny all !port !PROTO !METHOD
http_access allow localhost manager
http_access deny !localhost !manger
but it block every request from client
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
Current Beta Squid 3.1.0.6
