Re: ACL to protect internal webservers ?

From: <>
Date: Fri, 26 Jun 1998 15:54:02 +0200

Meanwhile, I tried to replace "acl xxx domain" by "acl src", which may be
smarter, anyway. Sice I use "src", it works fine. Now the acl only refers
to the cache clients and does not match the cache content any more.

Bug or feature ?

-Jan am 26.06.98 13:41:22

Kopie: (Blindkopie: Jan Schreiber/EDV/Spiegel)
Thema: ACL to protect internal webservers ?

I try to use Squid 1.0.22 on FreeBSD 2.2.2-RELEASE. Inside squid.conf, I
define an ACL for the hosts in my domain. I grand http_access to this acl,
and deny http_access to anyone else:
acl manager proto cache_object
acl localhost src
acl all src
acl SSL_ports port 443 563
acl santaclaus domain
http_access allow manager santaclaus
http_access deny manager
http_access allow santaclaus
http_access deny all
since I dont want hosts outside my domain to access the cache *and use it
to see the
internal webservers*. This does not work. External hosts cannot use the
cache for external URL's,
but *can* access internal webservers at
I don't know any more parameters for the http_access statement.
I could not learn the answer to this from the FAQ.
Thank you for any hints.
Received on Fri Jun 26 1998 - 06:56:32 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:51 MST