Re: Squid acl access - neighbours & parents..

From: Edward Henigin <>
Date: Thu, 5 Sep 1996 13:56:34 -0500 (CDT)

        A workaround which you could probably implement now would
be packet filtering at your border router(s). It would be fairly simple.
On a cisco, you'd do something like:

access-list 101 permit ip host <friendly neighbor> host <my proxy cache> eq 3130
access-list 101 deny ip any host <my proxy cache> eq 3130
interface <interface>
ip access-group 101 in

        For example:

access-list 101 permit ip host host eq 3130
access-list 101 deny ip any host eq 3130
interface serial 0
ip access-group 101 in

        Most routers nowadays support some sort of port level packet

        Note that my opinion is that this should be handled at the
application level rather than at the transport level, so Duane W.
has my encouragement to getting this done :)



On Thu, 5 Sep 1996, Duane Wessels wrote:
> writes:
> >
> >Hello - I've just moved from Harvest to Squid & so far so good. However,
> >someone close to us netwise wants to neighbour with us which is good I
> >guess, but is there a way I can stop them using us as a parent? It's quite
> >important that I be able to do this to stop them effectively using our
> >network bandwidth instead of theres when they get a cache miss ... (While 
> >at the same time allowing our customers to use us as a parent).
> >
> >Is it possible, or do I just have to trust my neighbours?
> You can't do this with current versions, so you have to trust them.
> But its a good idea--I'll add it to the todo list.
> Duane W.
Received on Thu Sep 05 1996 - 11:58:56 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:32:56 MST