Yes, this is exactly what I mean, but what you suggest would entail
leaving the external port open to requests at all times. I only want
external clients to be able to connect _if_ they are using ssh (which
means they've been authenticated).
Does that make a bit more since? Basically, I want to enable use of my
cache server on its' external interface on the default port only if the
user is authenticated and using ssh. Is this possible???
TIA,
Ben
-----Original Message-----
From: Castricum, Ben [mailto:BenC@nmc.kpn.net]
Sent: Friday, June 07, 2002 1:26 AM
To: squid-users@squid-cache.org
Subject: RE: [squid-users] Squid and ssh tunneling
Bennett F. Dill wrote:
> Currently, I deny all external interface connections to the
> squid port. For
> squid to respond, you must be a 192.168.0.0./24 IP address.
> I would now
> like to add the ability for squid to accept external requests
> if the request
> is authenticated and using ssh. Is this possible?
It's possible. Each user needs to connect to your cache with ssh and
configure it's ssh client to do port forwarding. A rule
localhost:3128->remotehost:3128 should do the trick. The user then needs
to
use localhost:3128 for proxy. Not really a squid issue though.
Ben
Received on Fri Jun 07 2002 - 12:02:52 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:30 MST