Re: [squid-users] my squid used by someone's proxy server.

From: Alexandre Correa <[email protected]>
Date: Thu, 8 Nov 2007 13:59:47 -0300

iblock via http_access access for only domains that you host.. example:

i host domains:
www.domain1.com
www.domain2.com
www.domainN.com

acl mydomains dstdomain .domain1.com .domain2.com .domainN.com

http_access allow mydomains
http_access deny all

or maybe you can try this other way:

acl myserver dst 200.200.200.200 200.200.200.1
http_access allow myserver
http_access deny all

i think this can solve your problem...

regards !!

AlexandrE

On Nov 8, 2007 4:16 AM, Seonkyu Park <carrot@hscdn.com> wrote:
> Hello Squid users.
>
> I am using squid for server accelerator.
>
> But my squid server used by someone's transparent proxy.
> (My server IP address listed by http://www.proxy-list.net/transparent-proxy-lists.shtml )
> Also listed by google link (PROXY LISTS - Free Anonymous Proxies and Proxy Tools)
>
> Is It possible?
> Plz help on my squid.conf ( for reverse proxy)
> --------------------------------------------------------
> http_port 80 vhost
> icp_port 0
> cache_peer 111.111.111.1 parent 80 0 no-query originserver no-digest
> cache_peer_domain 111.111.111.1 www.abc.com
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl purge method PURGE
> acl CONNECT method CONNECT
> acl port80 port 80
>
> http_access allow port80
> http_access allow manager localhost
> http_access deny manager
> http_access allow purge localhost
> http_access deny purge
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> http_access deny all
> http_reply_access allow all
> --------------------------------------------------------
>
> And I checked my squid logs.
> (cd /var/log/squid ; grep -v abc.com access.log* | grep -v 503 | grep -v TCP_DENIED)
>
> I found that my squid server (server accelerator) used by someone's proxy server.
>
> (219.136.189.213 - - [08/Nov/2007:15:30:35 +0900] "GET http://www.baidu.com/ HTTP/1.0" 200 4082 "-" "-" TCP_REFRESH)
>
> How can I block it ?
>
>
> Plz help.
>
>
>

-- 
Sds.
Alexandre J. Correa
Onda Internet / OPinguim.net
http://www.ondainternet.com.br
http://www.opinguim.net
Received on Thu Nov 08 2007 - 09:59:54 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST