<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /></head><body style='font-size: 10pt; font-family: "Courier New",Courier,monospace'>
<p id="reply-intro">On 2020-02-13 9:10 am, Patrícia Sousa wrote:</p>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0">
<div id="replybody1">
<div dir="ltr">
<p style="margin: 0px 0px 1em; padding: 0px; border: 0px; font-variant-numeric: inherit; font-variant-east-asian: inherit; font-stretch: inherit; line-height: inherit; font-family: Arial,'Helvetica Neue',Helvetica,sans-serif; font-size: 15px; vertical-align: baseline; box-sizing: inherit; clear: both; color: #242729;">I'm using the squid proxy and I'm trying to block some connections (incoming and outcoming traffic) from a certain ip address. However, for example, if I deny all the connections (http_access deny all) it only blocks the connections that I made to websites for example, but if I use another PC and try to ssh or wget the PC that owns the proxy squid, it is allowed. How can I block the traffic from and to a specific IP or DNS? It is possible to do this with Squid?</p>
<p style="margin: 0px 0px 1em; padding: 0px; border: 0px; font-variant-numeric: inherit; font-variant-east-asian: inherit; font-stretch: inherit; line-height: inherit; font-family: Arial,'Helvetica Neue',Helvetica,sans-serif; font-size: 15px; vertical-align: baseline; box-sizing: inherit; clear: both; color: #242729;">If not, what is the best way to do this?</p>
<p style="margin: 0px 0px 1em; padding: 0px; border: 0px; font-variant-numeric: inherit; font-variant-east-asian: inherit; font-stretch: inherit; line-height: inherit; font-family: Arial,'Helvetica Neue',Helvetica,sans-serif; font-size: 15px; vertical-align: baseline; box-sizing: inherit; clear: both; color: #242729;">Thank you.</p>
</div>
</div>
</blockquote>
<div> </div>
<div>You need two ACL lines:</div>
<div>acl BadIPSource src 1.1.1.1/32</div>
<div>acl BadIPDst dst 1.1.1.1/32</div>
<div> </div>
<div>
<div>You can use srcdomain & dstdomain instead of src & dst to use domain instead of IP.</div>
<div> </div>
</div>
<div>
<div>Rules are processed in order, if you are specifically wanting to block this domain/IP put it first. Then youur allow lines and finally the deny all line to block anything you haven't specifically allowed.</div>
</div>
<div> </div>
<div>http_access deny BadIPSource </div>
<div>http_access deny BadIPDst</div>
<div>[...Youur Allow Lines Here...]</div>
<div>http_access deny all</div>
<div> </div>
<div> </div>
<div> </div>
<div> </div>
<div id="signature">-- <br />
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">Thanks,<br /> Dean E. Weimer<br /> <a href="http://www.dweimer.net/" target="_blank" rel="noopener noreferrer">http://www.dweimer.net/</a></div>
</div>
</body></html>