Hello,
I'm somewhat new to squid "in depth" configuration and need some advice.
I run an older squid release on a multi-homed system which connects to the internet on the first interface,
and to the local net (10.0.0.0) on the second interface (10.0.0.1).
For hardening purposes I configured squid to bind to the internal interface only (10.0.0.1:3128) and disabled
all additional ports (icp_port etc.).
Now there is one open port left and I'm not sure what the purpose of this is:
udp 0 0 0.0.0.0:34806 0.0.0.0:* 6593/(squid)
Why does squid listen for UDP requests?
There seems to be a relation to these params:
# udp_incoming_address 0.0.0.0
# udp_outgoing_address 255.255.255.255
But if I bind the UDP port to the internal interface, squid won't resolve names anymore.
Why is this?
squid.conf says that these params are for ICP sockets, not for DNS:
# udp_incoming_address is used for the ICP socket receiving packets
# from other caches.
# udp_outgoing_address is used for ICP packets sent out to other
# caches.
Any hints on how to disable this port for listening, or to bind it to the internal interface only?
Would it help if I updated to the most recent squid release?
Regards,
Roland
Received on Thu Oct 11 2007 - 16:38:28 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:01 MDT