[squid-users] ACL why does this not work?
Amos Jeffries
squid3 at treenet.co.nz
Fri May 1 08:25:08 UTC 2015
On 1/05/2015 11:56 a.m., Yan Seiner wrote:
> I am trying to prevent squid from proxying to an authorized subnet.
>
> I want to write a set of acl rules that say that if a request does not
> come from the authorized subnet then it should not be allowed to connect
> to the authorized web server.
>
> acl auth_net src 192.168.4.0/24
> acl auth dst 192.168.4.1
> http_access deny !auth_net auth
>
> AFAICT something like the above should work but it doesn't. squid
> proxies requests from anywhere on the network to the authorized
> webserver, getting right around the firewall.
>
> Any suggestions on how to make this work?
You either got the order wrong
(<http://wiki.squid-cache.org/SquidFaq/OrderIsImportant>) or the DNS
results are not what you think they are.
We cant really say without knowing what your whole config is.
Amos
More information about the squid-users
mailing list