Dear Alex,
Which version are you using? Did you try to set acl and allow requests
from intranet (e.g. 192.168.1.0/255.255.255.0) only :-
acl intranet src 192.168.0.0/255.255.255.0
http_access allow intranet
http_access deny all
Regards, John Mok
Alex wrote:
> Dear All,
>
> i have a problem with my squid proxy.. suddenly its performance
> decrease and i never get the speed i expect from my squid box, and
> when i tail to access.log i find a weird line of information there,,
> please find it below :
>
> 1115668842.640 14680 61.224.206.211 TCP_MISS/200 824 CONNECT
> 205.188.156.185:25 - DIRECT/205.188.156.185 -
>
> i found thousands of line similar to this one, even, i dont know the
> source ip address, destination or even the direct destination !! the 3
> ip addresses doesn't belong to my network at all and all are blocked
> from the squid.conf file, plus why the destenation is trying to make
> connection on port 25 !!! ? such port is also blocked with the
> Safe_ports rule !
> port 25 is not allowed on my linux box , so how this ip can hack to my
> squid box and through my squid can open a session to port 25 on the
> destination ? and how i can block this from happening ?! its killing
> my squid box performance
>
> Best Regards ,
>
Received on Mon May 16 2005 - 02:08:51 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:02 MDT