Henny Bekker writes:
>Dear Squid users,
>
>I hope someone can help me with this question concerning the configuration
>of Squid v2.1 ..
>
>On our toplevel cache (Squid v2.1-PL2) we have configured a number of ACL's
>to block all ports except the HTTP, FTP, Gopher and all ports above 1024.
>This with the next ACL's
> ACL Safe_ports 80 21 70 1025-65535
> http_access deny !Safe_ports
>Some users connected to a first level cache (a child cache of our toplevel
>cache) wants to connect to a Web-server running on port 81. This request
>is routed to our toplevel cache which is (of course) blocked with an error
>message.
>What can I do on my first level caches to prevent requests, using other
>ports then the "Safe_port", from being send to the toplevel cache??
>I'm thinking of using the "hierarchy_stoplist" for it, but that will use
>only a list of words and no ALC's....
Try something like this:
cache_peer_access parentcache.foo.org allow Safe_ports
Then, Squid should not forward requests to 'parentcache.foo.org' for
port 81, etc.
Duane W.
