Re: debian squid proxy server
> On Tue, 28 Nov 2006 15:29:33 +0100 "debian" <debian2@searo.be> wrote:
> > there is an internet application and i have some clients who needs to
> > connect to it.
> > Firewall is setup, proxy server is squid.
> > The internet application is using different ports, my proxy server
> > listens only to port 80 (http traffic for internet)
> > the users can also go to https sites (which are using port 443).
> >
> > The internet application is using different ports (like port 7090 and
> > others), how does it come that my client pc's can't connect via the
> > proxy to those ports ?
On 28.11.06 16:01, Liam O'Toole wrote:
> Squid maintains an access control list called "Safe_ports". I suspect
> that port 7090 isn't in the list. See the file /etc/squid/squid.conf for
> details.
if that is a HTTP, "debian" may decide, if it's needed to allow ports like
7090 only to some hosts, or everywhere. Also, if it's HTTP running on those
ports, it's not needed to allow application ask squid to CONNECT there, only
to fetch objects from those port(s).
define acls:
acl app_src src [IP spec] # IP's where application runs
acl app_port dstport 7090 # and possibly other ports
acl app_host dst [IP spec] # to define hosts by IP addresses
or
acl app_host dstdomain [host spec] # to define hosts by names
and allow access before other http_access directives:
http_access allow app_src app_port app_host
or
http_access allow app_src CONNECT app_port app_host
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question!
Reply to: