I have an Apache httpd v2.2 server (on Centos 6) set up as a forward proxy to get to a DMZ in a test lab environment. It is working, but I would like to restrict destinations to specific subnets, both IPv4 and IPv6. I've searched for a solution and have not been able to find and answer.
Here is the virtualhost segment of my httpd.conf file: <VirtualHost 10.10.10.185:8080> ProxyRequests On ProxyVia On ProxyBlock "10.20.30.30" <Proxy *> Order deny,allow Allow from 10.1.0.0/24 Deny from all </Proxy> ErrorLog "/var/log/httpd/proxy-error.log" CustomLog "/var/log/httpd/proxy-access.log" common </VirtualHost> The above config allows incoming connections from the 10.1.0.0/24 subnet. It does not allow connections specifically to 10.20.30.30 through the proxy. Instead of blocking that single address, I would like to specify a set of subnets that are allowed, and everything else be denied. For example, allow: 2001:1111:2222:301::0/64 2001:1111:2222:302::0/64 10.20.40.0/24 But block everything else from passing through the proxy. I understand that this would block any url that used a hostname instead of an IP address. Thanks in advance for any help you can provide. Regards, Mike M.