[squid-users] Help configuring acl our_network rule
Hello everyone, I'm new here. I'm running Squid 2.6 STABLE 21 version on my VPS . I need a little help configuring my Squid. I am using the acl_our network parameter to manually add my ISP dynamic IP address each time as I need my proxy (I'm the only one who needs it, no other users involved). I know that my provider has IPs ranging from 78.134.1.1 to 78.134.130.255 What should my acl our_network be so that that entire range of IP addresses is included and accepted as valid so that I don't have to manually edit the .conf file each time my dynamic IP changes? Thanks a lot. Fabio -- Saluti Cordiali, Fabio Gangarossa Responsabile Gestione Domini Computer Studio - Servizi "Hosting Studio" Fax Operazioni sui domini: +39 02 3919 5436 E-mail: doma...@hostingstudio.net Web: http://www.hostingstudio.net Informativa: Ai sensi del Codice in materia di protezione dei Dati Personali (D.L. 196/03) il contenuto di questa e-mail e degli eventuali allegati sono riservati e ad esclusivo uso del destinatario. Chiunque riceva questo messaggio per errore รจ pregato di distruggerlo e di contattare immediatamente il mittente. Si informa, inoltre, che la risposta alla presente, compresi eventuali allegati, potrebbero essere visionati, ai fini del disbrigo delle competenze lavorative, anche da altro personale addetto.
Re: [squid-users] Help configuring acl our_network rule
On 11/10/10 22:33, Hosting Studio Services - Domains wrote: Hello everyone, I'm new here. I'm running Squid 2.6 STABLE 21 version on my VPS . I need a little help configuring my Squid. I am using the acl_our network parameter to manually add my ISP dynamic IP address each time as I need my proxy (I'm the only one who needs it, no other users involved). I know that my provider has IPs ranging from 78.134.1.1 to 78.134.130.255 What should my acl our_network be so that that entire range of IP addresses is included and accepted as valid so that I don't have to manually edit the .conf file each time my dynamic IP changes? acl our_networks src 78.134.1.1-78.134.130.255 It's best to stick some form of authentication on it as well. Regular ISP networks are under constant scan from other users and infections seeking ways to transmit themselves. If you open any port with ISP-wide access permissions it's likely to be only a matter of minutes before someone or something other than you is using it. Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.8 Beta testers wanted for 3.2.0.2
[squid-users] RE: EXTERNAL: Re: [squid-users] Help configuring acl our_network rule
Just curious, is there any performance impact to doing it that way vs. a couple of CIDR specifications to cover the range? I wasn't aware an ACL would handle such syntax, and used multiple rules. -Original Message- From: Amos Jeffries [mailto:squ...@treenet.co.nz] Sent: Monday, October 11, 2010 6:17 AM To: squid-users@squid-cache.org Subject: EXTERNAL: Re: [squid-users] Help configuring acl our_network rule On 11/10/10 22:33, Hosting Studio Services - Domains wrote: > Hello everyone, I'm new here. > > I'm running Squid 2.6 STABLE 21 version on my VPS . > > I need a little help configuring my Squid. > > I am using the acl_our network parameter to manually add my ISP dynamic IP > address each time as I need my proxy (I'm the only one who needs it, no other > users involved). > > I know that my provider has IPs ranging from > > 78.134.1.1 to 78.134.130.255 > > What should my acl our_network be so that that entire range of IP addresses > is included and accepted as valid so that I don't have to manually edit the > .conf file each time my dynamic IP changes? > acl our_networks src 78.134.1.1-78.134.130.255 It's best to stick some form of authentication on it as well. Regular ISP networks are under constant scan from other users and infections seeking ways to transmit themselves. If you open any port with ISP-wide access permissions it's likely to be only a matter of minutes before someone or something other than you is using it. Amos -- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.8 Beta testers wanted for 3.2.0.2
Re: [squid-users] RE: EXTERNAL: Re: [squid-users] Help configuring acl our_network rule
On Mon, 11 Oct 2010 07:09:57 -0400, "Bucci, David G" wrote: > Just curious, is there any performance impact to doing it that way vs. a > couple of CIDR specifications to cover the range? > > I wasn't aware an ACL would handle such syntax, and used multiple rules. It reduces the number of entries tested each run. So yes there is a small CPU savings. There is no difference at all if an individual list entry. The full pattern specs FWIW are "start-end/mask" with end and mask both being optional. Amos > > -Original Message- > From: Amos Jeffries [mailto:squ...@treenet.co.nz] > Sent: Monday, October 11, 2010 6:17 AM > To: squid-users@squid-cache.org > Subject: EXTERNAL: Re: [squid-users] Help configuring acl our_network rule > > On 11/10/10 22:33, Hosting Studio Services - Domains wrote: >> Hello everyone, I'm new here. >> >> I'm running Squid 2.6 STABLE 21 version on my VPS . >> >> I need a little help configuring my Squid. >> >> I am using the acl_our network parameter to manually add my ISP dynamic >> IP address each time as I need my proxy (I'm the only one who needs it, >> no other users involved). >> >> I know that my provider has IPs ranging from >> >> 78.134.1.1 to 78.134.130.255 >> >> What should my acl our_network be so that that entire range of IP >> addresses is included and accepted as valid so that I don't have to >> manually edit the .conf file each time my dynamic IP changes? >> > > acl our_networks src 78.134.1.1-78.134.130.255 > > It's best to stick some form of authentication on it as well. > > Regular ISP networks are under constant scan from other users and > infections seeking ways to transmit themselves. If you open any port > with ISP-wide access permissions it's likely to be only a matter of > minutes before someone or something other than you is using it. > > Amos
