On 8/9/2012 4:47 AM, Amos Jeffries wrote:
> On 09.08.2012 12:32, Eliezer Croitoru wrote:
>> On 8/9/2012 2:16 AM, Amos Jeffries wrote:
>>>
>>> Releases 3.2.0.14->3.2.0.18 have a standing block preventing requests
>>> with conflicting destination IP and destination domain name being passed
>>> to peers.
>>>
>>> Release 3.2.0.19 loosens that block to allow it, but only if the clients
>>> original destination IP (ORIGINAL_DST) is non-contactable by the proxy.
>>>
>>> BUT, ... checking your config file there is a bigger problem, and a
>>> relatively large amount of useless ACL checks ...
>> and let say i want to loosen it a bit more?
>
> How much more?
> to relay known dangerous traffic to peers as if it were safe?
> or just to obey never_direct?
flag it as safe... because it is a local one that is safe.
i am talking only on http traffic and not https.
Thanks,
Eliezer
-- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.ilReceived on Fri Aug 10 2012 - 10:55:16 MDT
This archive was generated by hypermail 2.2.0 : Fri Aug 10 2012 - 12:00:02 MDT