Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ACL for allowing access to "localnet" should be configurable #20

Closed
wunzeco opened this issue Jan 19, 2015 · 2 comments
Closed

ACL for allowing access to "localnet" should be configurable #20

wunzeco opened this issue Jan 19, 2015 · 2 comments

Comments

@wunzeco
Copy link

wunzeco commented Jan 19, 2015

The ACL rule below is a default configuration in squid.conf templates (short and long) and so gets applied always with this module

http_access allow localnet

However, this is not always desirable. For instance, assuming you want to restrict outbound internet access of your private network to a few whitelisted sites. In this case the desired ACL in squid.conf should look like below to achieve the expected access restriction.

<...snip...>
# user-defined ACLs
acl sitesWhitelist dstdomain "/etc/squid3/sites.whitelist"

# user-defined http_accesses
http_access allow localnet sitesWhitelist
http_access allow localhost
http_access deny all

<...snip...>
@thias
Copy link
Owner

thias commented Nov 16, 2015

This partially overlaps with changes proposed in #24. I'll try to think of something, otherwise a clean PR of the shared change would be great!

@thias
Copy link
Owner

thias commented Nov 16, 2015

Actually, this is a duplicate of #17.

@thias thias closed this as completed Nov 16, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thias @wunzeco