[squid-users] Squid proxy incoming and outcoming connections?
Dean E. Weimer
dweimer at dweimer.net
Thu Feb 13 15:35:56 UTC 2020
On 2020-02-13 9:10 am, PatrĂcia Sousa wrote:
> I'm using the squid proxy and I'm trying to block some connections (incoming and outcoming traffic) from a certain ip address. However, for example, if I deny all the connections (http_access deny all) it only blocks the connections that I made to websites for example, but if I use another PC and try to ssh or wget the PC that owns the proxy squid, it is allowed. How can I block the traffic from and to a specific IP or DNS? It is possible to do this with Squid?
>
> If not, what is the best way to do this?
>
> Thank you.
You need two ACL lines:
acl BadIPSource src 1.1.1.1/32
acl BadIPDst dst 1.1.1.1/32
You can use srcdomain & dstdomain instead of src & dst to use domain
instead of IP.
Rules are processed in order, if you are specifically wanting to block
this domain/IP put it first. Then youur allow lines and finally the deny
all line to block anything you haven't specifically allowed.
http_access deny BadIPSource
http_access deny BadIPDst
[...Youur Allow Lines Here...]
http_access deny all
--
Thanks,
Dean E. Weimer
http://www.dweimer.net/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20200213/eb01b0c8/attachment.html>
More information about the squid-users
mailing list