Restricting access to your Squid Proxy Server
To limit on who are allowed to connect to your Proxy Server, you should change / add the allowed IP Address that is allowed to connect to your squid proxy at below section
acl localnet src 10.0.0.0/8# RFC1918 possible internal network
acl localnet src 172.16.0.0/12# RFC1918 possible internal network
acl localnet src 192.168.0.0/16# RFC1918 possible internal network
By using the same format as the above code for example, acl localnet src 123.456.789.0
And then right before http_access allow localnet, add http_access allow localhost so it looks like:
And finally if you don’t want Squid to bind to all adapters (which is the default) you might want to change Squid Listen Address and Port to your LAN IP Address or if you’re just going to use Squid for yourself only then you should use below
# Default http_port 3128
# Bind to localhost at port 3128 only
http_port 127.0.0.1:3128
Limiting access to specific ports only
If you need to limit on which ports your Squid proxy clients are allowed to connect to, then you need to adjust this
acl Safe_ports port 80# http
acl Safe_ports port 21# ftp
acl Safe_ports port 443# https
acl Safe_ports port 70# gopher
acl Safe_ports port 210# wais
acl Safe_ports port 1025-65535# unregistered ports
acl Safe_ports port 280# http-mgmt
acl Safe_ports port 488# gss-http
acl Safe_ports port 591# filemaker
acl Safe_ports port 777# multiling http
For example if you want to limit your clients to HTTP and HTTPS only, then you can remove / comment all the other lines beside 80 and 443
QQ群⑧:
窥视卡
雷达卡
发表于 2015-9-3 11:44:44
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡