On 2020-02-13 9:10 am, Patrícia Sousa wrote:
I'm using the squid proxy and I'm trying to block some connections (incoming and outcoming traffic) from a certain ip address. However, for example, if I deny all the connections (http_access deny all) it only blocks the connections that I made to websites for example, but if I use another PC and try to ssh or wget the PC that owns the proxy squid, it is allowed. How can I block the traffic from and to a specific IP or DNS? It is possible to do this with Squid?
If not, what is the best way to do this?
Thank you.
You need two ACL lines:
acl BadIPSource src 1.1.1.1/32
acl BadIPDst dst 1.1.1.1/32
You can use srcdomain & dstdomain instead of src & dst to use domain
instead of IP.
Rules are processed in order, if you are specifically wanting to block
this domain/IP put it first. Then youur allow lines and finally the deny
all line to block anything you haven't specifically allowed.
http_access deny BadIPSource
http_access deny BadIPDst
[...Youur Allow Lines Here...]
http_access deny all
--
Thanks,
Dean E. Weimer
http://www.dweimer.net/
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
