[squid-users] How to disable Regular Proxy Access under Interception Mode?

From: kkk kkk <fafafa888_at_gmail.com>
Date: Thu, 9 Jun 2011 07:11:05 -0400

Hi everyone,

I'm running Squid 3.1 in Interception mode that is set to intercept
traffic to a list of 10 websites.
One security concern I have is that anyone in my ACL can enter my
proxy IP and port in their browser and use it as a regular proxy.

Is there a way to disable this access? If I can disable this access,
no one can abuse my service because I can control what dstDomains will
use my proxy.

This is my current setup:

acl allowed_IP src IP
http_access allow allowed_IP
http_access deny all

Only Domains want to allow access:
acl allowed_domains dstdomain

If it's not theoretical possible, how can I write an ACL combo that
only allow "allowed_ip" to access "allowed_domains" instead of
accessing everything once it's allowed?

Thanks!
Received on Thu Jun 09 2011 - 11:11:12 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 10 2011 - 12:00:01 MDT