: In an effort to secure my proxy filter, I'd like to disallow connections
: to ports 8080 and 3128 from remote hosts, that is I only want to allow
: access from 127.0.01. Can anyone specify an iptables rule to accomplish
: this. I've posted below my existing rules:

It looks like someone already got you the iptables rules to do what you
need.. I did some similar blocking for my Squid proxy server here using
Squid's config file. Basically, it just allows access to the cache/proxy
for the acls that I allowed and denies everyone else.. I don't know if one
way is better than the other (iptables vs. Squid), but I thought it might
be useful to put the info up anyway.. Here's how I did it:

    #Set up some acls here..
    acl all src 0.0.0.0/0.0.0.0
    acl local src 192.168.1.0/24
    acl localhost src 127.0.0.1/255.255.255.255
    acl kazaa port 1214

    #Regular expression matching stuff
    acl porn url_regex "/etc/squid.d/porn"
    acl porn1 url_regex "/etc/squid.d/porn1"

    #Now turn on the blocking rules
    http_access deny all kazaa
    http_access deny all porn
    http_access deny all porn1
    http_access allow localhost
    http_access allow local
    http_access deny all

Later,
Bob

____________________
BYU Unix Users Group
http://uug.byu.edu/
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
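An added example, not part of the original post: a small Python model of how Squid evaluates the http_access lines above (first line whose ACLs all match wins), run against constructed client addresses. The url_regex ACLs are omitted because their pattern files are not shown, and the function names are this example's own.

```python
import ipaddress

# src/port ACLs and http_access order as posted; the url_regex ACLs are left
# out because their pattern files are not shown in the post.
CONFIG = """\
acl all src 0.0.0.0/0.0.0.0
acl local src 192.168.1.0/24
acl localhost src 127.0.0.1/255.255.255.255
acl kazaa port 1214
http_access deny all kazaa
http_access allow localhost
http_access allow local
http_access deny all
"""

def parse(text):
    """Return ({acl_name: (type, value)}, [(action, [acl_names])])."""
    acls, rules = {}, []
    for line in text.splitlines():
        tok = line.split("#", 1)[0].split()
        if not tok:
            continue
        if tok[0] == "acl":
            acls[tok[1]] = (tok[2], tok[3])
        elif tok[0] == "http_access":
            rules.append((tok[1], tok[2:]))
    return acls, rules

def acl_matches(acl, client_ip, dest_port):
    kind, value = acl
    if kind == "src":   # client address inside network/netmask
        net = ipaddress.ip_network(value, strict=False)
        return ipaddress.ip_address(client_ip) in net
    if kind == "port":  # destination port of the requested URL
        return dest_port == int(value)
    raise ValueError("ACL type not modelled: " + kind)

def decide(text, client_ip, dest_port):
    """First http_access line whose ACLs ALL match decides the request."""
    acls, rules = parse(text)
    for action, names in rules:
        if all(acl_matches(acls[n], client_ip, dest_port) for n in names):
            return action
    if not rules:
        return "deny"  # no http_access lines at all: Squid denies
    # No line matched: Squid applies the opposite of the last line.
    return "deny" if rules[-1][0] == "allow" else "allow"

if __name__ == "__main__":
    # Constructed sample clients: loopback, LAN host, outside host.
    for ip, port in [("127.0.0.1", 80), ("192.168.1.50", 80),
                     ("203.0.113.7", 80), ("127.0.0.1", 1214)]:
        print(ip, port, decide(CONFIG, ip, port))
```

In this model, dropping the `http_access allow local` line leaves only 127.0.0.1 allowed, which is the localhost-only behaviour the original question asked for.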
