[squid-users] RE: Squid ACL Problem

From: Squid <squid@dont-contact.us>
Date: Tue, 07 May 2002 15:21:32 -0500

Has anybody run across this problem? I have SQUID 2.4 Stable 3 on a Red Hat
7.2 system with 2 NICs, one on a public IP, the other on a private. I have
an ACL set to block two sites, one by IP, the other by domain. The problem is
it only works on the local server. If another computer proxies to it, it is
not blocked. The block only works on the local host.

acl all src 0.0.0.0/0.0.0.0
#
acl mynet src 172.16.0.0/255.255.0.0
acl pubnet src xxx.xxx.xxx.xx/255.255.255.xxx
acl howetest dst 156.110.224.8
acl camerontest dstdomain www.cameron.k12.ok.us
#
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny howetest
http_access deny camerontest
http_access allow manager localhost
http_access allow mynet
http_access allow pubnet
http_access deny manager
http_access deny !Safe_ports # Deny requests to unknown ports
http_access deny CONNECT !SSL_ports # Deny CONNECT to other than SSL ports

Anybody got an answer?

Thanks
Bruce Gillham
Technology Coordinator
Wister Public Schools
bgillham@wister.k12.ok.us
Received on Tue May 07 2002 - 14:10:45 MDT
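
Added example, not part of the original post: a small Python model that walks the posted http_access lines the way Squid evaluates them (the first line whose ACLs all match decides; if no line matches, the default is the opposite of the last line). It models rule logic only, not DNS or whether a client's traffic actually reaches the proxy; the client addresses, www.example.org and the 192.0.2.x destination addresses are constructed sample values, and the helper names are hypothetical.

```python
import ipaddress

# ACLs from the post. pubnet is redacted there, so it is modelled as never matching.
ACLS = {
    "mynet": ("src", "172.16.0.0/255.255.0.0"),
    "pubnet": ("redacted", None),
    "howetest": ("dst", "156.110.224.8"),
    "camerontest": ("dstdomain", "www.cameron.k12.ok.us"),
    "manager": ("proto", "cache_object"),
    "localhost": ("src", "127.0.0.1/255.255.255.255"),
    "SSL_ports": ("port", [(443, 443), (563, 563)]),
    "Safe_ports": ("port", [(80, 80), (21, 21), (443, 443), (563, 563), (70, 70), (210, 210),
                            (1025, 65535), (280, 280), (488, 488), (591, 591), (777, 777)]),
    "CONNECT": ("method", "CONNECT"),
}
# http_access lines in the order posted; "!" negates an ACL.
RULES = [("deny", ["howetest"]), ("deny", ["camerontest"]),
         ("allow", ["manager", "localhost"]), ("allow", ["mynet"]),
         ("allow", ["pubnet"]), ("deny", ["manager"]),
         ("deny", ["!Safe_ports"]), ("deny", ["CONNECT", "!SSL_ports"])]

def acl_matches(name, req):
    kind, value = ACLS[name]
    if kind in ("src", "dst"):
        return ipaddress.ip_address(req[kind]) in ipaddress.ip_network(value)
    if kind == "dstdomain":  # no leading dot: exact host name only
        return req["host"].lower() == value
    if kind == "port":
        return any(lo <= req["port"] <= hi for lo, hi in value)
    if kind in ("proto", "method"):
        return req[kind] == value
    return False  # redacted ACL

def decide(req, rules=RULES):
    """Return (action, 1-based index of the deciding line, or None for the default)."""
    action = None
    for i, (action, names) in enumerate(rules, 1):
        if all(acl_matches(n.lstrip("!"), req) != n.startswith("!") for n in names):
            return action, i
    # No line matched: the default is the opposite of the last line's action.
    return ("allow" if action == "deny" else "deny"), None

def request(src, host, dst, port=80, method="GET", proto="http"):
    return dict(src=src, host=host, dst=dst, port=port, method=method, proto=proto)

# Constructed requests: two from a private-LAN client, one from an unlisted source.
LAN_BLOCKED = request("172.16.5.20", "www.cameron.k12.ok.us", "192.0.2.10")
LAN_OTHER = request("172.16.5.20", "www.example.org", "192.0.2.20")
OUTSIDE = request("198.51.100.7", "www.example.org", "192.0.2.20")
```

`decide(LAN_BLOCKED)` shows which line settles a request; passing a reordered list as `rules` shows how an allow line placed ahead of the deny lines would change the outcome.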