On tor, 2007-10-04 at 12:16 +1300, Amos Jeffries wrote:
> oh, that configuration is turning those machines into open proxies for
> anyone who wants to point their domain at 'em.
No it won't, accelerator mode means an implicit "never_direct allow all"
just to prevent this from happening, which means requests can only get
forwaded if there is cache_peer where the request may be forwarded.
> I prefer making that list of cache_peer_domains into a single dstdomain
> ACL which can be used to both redirect the domains with cache_peer_access
> and to block anything not listed from direct access.
Maybe. But not strictly needed..
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Tue Oct 30 2007 - 13:00:03 MDT