[squid-users] log & deny direct web access

From: Reinhard Haller <reinhard.haller@dont-contact.us>
Date: Tue, 02 Oct 2007 12:26:19 +0200

Hi,

I want to log direct web access over port 80 from misconfigured software
update processes etc.

The firewall logged a lot of access over port 80, the reverse lookup of
the used addresses is almost
useless. Therefore I changed the configuration:

pf redirects all connect requests for port 80 to port 3128

#added to squid.conf
http_port 127.0.0.1:3128 transparent
acl forwardport myport 3128
acl forwardip myip 127.0.0.1/255.255.255.255
http_access deny forwardip forwardport
# allow access to internet
http_access allow our_networks !ebay !useragent

Problem: squid 3.0pre6 now works as a perfect transparent proxy.

Whats's wrong?

Thanks
Reinhard
Received on Tue Oct 02 2007 - 04:26:52 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:00 MDT