tor 2003-05-22 klockan 10.38 skrev Ralf Hildebrandt:
> Our config (below) seems to allow access to privileged ports. Proof:
You are missing the rules to deny access to unprivileged ports. You have
all the needed acls defined to build these rules, but are missing the
actual http_access rules using these acls to deny access..
To get a better understanding of your access controls just look at the
http_access rules
grep ^http_access squid.conf
Squid reads these in the order listed, and the first line matching the
request (where all listed acl elements on the line is true) will
allow/deny the request.
Any acls used by your http_access rules must be defined before where
they are used. An an acl alone does not have any effect. acl directives
are building blocks used by http_access and other acl driven to build
rules on how Squid should act.
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org Please consult the Squid FAQ and other available documentation before asking Squid questions, and use the squid-users mailing-list when no answer can be found. Private support questions is only answered for a fee or as part of a commercial Squid support contract. If you need commercial Squid support or cost effective Squid and firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Thu May 22 2003 - 03:41:10 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:51 MST