On Wed, 24 Mar 2010 14:11:46 +0000, "GIGO ." <gigoz@xxxxxxx> wrote: > I want to do the security hardening of my Squid Server with Iptables. I > intend to have no rule on outbond traffic however ibound traffic would be > restricted. please guide what are the minimum ports that are required to be > open on iptables. > Please lookup guidelines on best-practice for firewall administration. Minimum ports for Squid depend on your usage. Either port 80 for reverse proxies or usually port 3128 for forward proxies. In essence look at the squid.conf for *_port lines being used. Those are the ones you need to look at for inbound traffic to Squid. Exclude http(s)_port's with "transparent", "tproxy" or "intercept" flagged. They should always be blocked from direct external access. Amos
