Re: cvs commit: www2/content/Download howto-mirror.dyn

From: Amos Jeffries <squid3@dont-contact.us>
Date: Thu, 4 Oct 2007 12:46:30 +1300 (NZDT)

> On tor, 2007-10-04 at 12:16 +1300, Amos Jeffries wrote:
>
>> oh, that configuration is turning those machines into open proxies for
>> anyone who wants to point their domain at 'em.
>
> No it won't, accelerator mode means an implicit "never_direct allow all"
> just to prevent this from happening, which means requests can only get
> forwaded if there is cache_peer where the request may be forwarded.

Ah, okay.
So this is on a per-connection based on the incoming port option flag?

>
>> I prefer making that list of cache_peer_domains into a single dstdomain
>> ACL which can be used to both redirect the domains with
>> cache_peer_access
>> and to block anything not listed from direct access.
>
> Maybe. But not strictly needed..

Well, theres other stuff, makes ACLs more useful for me. But maybe not in
general then.

Amos
Received on Wed Oct 03 2007 - 17:46:33 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Oct 30 2007 - 13:00:03 MDT