Re: [squid-users] Access Control

From: Chris Robertson <[email protected]>
Date: Fri, 26 Jan 2007 14:37:29 -0900

Matt wrote:
> I am installing Squid 2.6STABLE on CentOS 4.4. I want to have our
> Mikrotik router DST-NAT all port 80 requests to it and use it as a
> transparent cache.
>
> Anyway I am hung up on access control. This was easy on Mikrotik
> integrated cache.
>
> #allow my IP pools on port 80
> src-address=12.1.1.0/24 dst-port=80 action=allow
> src-address=12.1.3.0/24 dst-port=80 action=allow
> #deny all else
> action=deny
>
> How do I accomplish this in the Squid config?
>
> Also, if I DST-NAT all port 80 traffic to the linux box Squid is
> running on do I need to config anything special in the Linux kernel?
>
> Thanks.
>
> Matt

The FAQ is your friend...

http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#head-e826e98e3db89dd81cf2b48da8c2f59688e6be4a
for the interception cache part and
http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-c87419712cac704d01cecc7da11cd02f489b6986
for the ACLs

As for Kernel modifications, I think as long as you have allowed IP
Forwarding (is that even a Kernel setting? It's been so long since I
compiled my own...) you should be good to go.

Chris
Received on Fri Jan 26 2007 - 16:37:35 MST

This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST