On Thu, Mar 13, 2008 at 12:43 PM, Agnello George <[EMAIL PROTECTED]> wrote: > this was the suggestion from another forum !! which helped me solve my issue!! > > ################################################### > The security risk is not any individual accessing your proxy, it's the > proxy itself. *THAT* is what needs looking at.
Could you explain that a bit? > > However, you can deny access to the proxy to anyone not in 192.168.0.0/24 > with this iptables rule - assuming your proxy is on port 3128: Well, how would someone from the outside connect to your proxy? You were concerned about public IPs like 202.*. How can they connect to port 3128 of your proxy? Public IP? NAT? How? > > # iptables -I INPUT 1 -s ! 192.168.0.0/24 --dport 3128 -j DROP Thats fine. But in your logs, the public IPs were all destination IPs. Do they disappear after implementing the above rule? I don't think so. Regards, NMK. -- http://mm.glug-bom.org/mailman/listinfo/linuxers
