By controlling which destinations are allowed to be reached. see the dst and dstdomain acl types.
Example: acl to_my_servers dst 192.168.1.0/24 acl port80 port 80 acl http protocol http http_access allow http port80 to_my_servers http_access deny all Regards Henrik ons 2003-01-29 klockan 16.37 skrev Devon Harding - GTHLA: > Ok, how do I configure squid to reverse proxy (httpd_accel) to only one host > or network? That way if someone tries to use my squid to proxy back to the > internet, it will fail. > > -Devon > > -----Original Message----- > From: Tesla 13 [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 29, 2003 10:00 AM > To: Devon Harding - GTHLA > Cc: [EMAIL PROTECTED] > Subject: RE: [squid-users] Outgoing http request? > > Is this squid log or your web server's log? Just kidding. > > Shut squid down. It looks like your machine is being used as an open proxy > server by the world. It might be advisable to unplug hte machine from the > network since you are running a proxy server without knowing difference > between a proxy server and web server and therefore unwillingly helping > useless people on the net. > > Tesla > > > >From: Devon Harding - GTHLA <[EMAIL PROTECTED]> > >To: 'Henrik Nordstrom' <[EMAIL PROTECTED]> > >CC: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>, > >"'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > >Subject: RE: [squid-users] Outgoing http request? > >Date: Wed, 29 Jan 2003 09:36:46 -0500 > > > >Well looking at my access.log, I noticed that squid is accessing websites > >that no users have requested. I have not allowed any users to access the > >cache. These requests are coming from squid itself. I think its some kind > >of worm or virus that has affected squid. > > > >61.21.247.37 - - [29/Jan/2003:11:36:22 -0500] "GET > >http://home.hanmir.com/%7Eueookjtsou/report/report0635.gif HTTP/1.0" 504 > >1069 TCP_MISS:NONE > >219.106.192.133 - - [29/Jan/2003:11:36:26 -0500] "GET > >http://home.hanmir.com/~mrtu82bv3/ss2_0744.jpg HTTP/1.0" 504 1045 > >TCP_MISS:NONE > >67.85.244.205 - - [29/Jan/2003:11:36:38 -0500] "POST > >http://www.sparkfind.com/cgi-bin/search/smartsearch.cgi HTTP/1.0" 504 1063 > >TCP_MISS:NONE > >219.98.86.182 - - [29/Jan/2003:11:36:42 -0500] "GET > >http://www.directpornstar.com/dmay/n1/WWL01_1051.gif HTTP/1.0" 504 1057 > >TCP_MISS:NONE > >219.181.160.56 - - [29/Jan/2003:11:36:46 -0500] "GET > >http://home.hanmir.com/%7Eyabwweo487/egg0412.jpg HTTP/1.0" 504 1049 > >TCP_MISS:NONE > >200.198.194.146 - - [29/Jan/2003:11:36:52 -0500] "GET > >http://www.topmoxie.com/external/builds/common/equivalent_domains.htm > >HTTP/1.0" 504 1096 TCP_MISS:NONE > >218.222.245.221 - - [29/Jan/2003:11:37:10 -0500] "GET > >http://210.138.105.147/0616/anime66/anime6601-23.zip HTTP/1.1" 504 1057 > >TCP_MISS:NONE > >165.76.120.115 - - [29/Jan/2003:11:37:40 -0500] "GET > >http://home.hanmir.com/~roninman/bijin0289.jpg HTTP/1.0" 504 1045 > >TCP_MISS:NONE > > > >-Devon > > > >-----Original Message----- > >From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]] > >Sent: Tuesday, January 28, 2003 9:23 PM > >To: Devon Harding - GTHLA > >Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' > >Subject: Re: [squid-users] Outgoing http request? > > > >??? > > > >Squid is not a web server. Squid is a proxy. If you have users using the > >Squid proxy then each request sent by these users to the proxy will > >result in a HTTP request sent by Squid. > > > >Regards > >Henrik > > > >Devon Harding - GTHLA wrote: > > > > > > I noticed in my log, I have out going http request from my squid web > > > servers. > > > > > > No one is on this machine, how are these requests being initiated? Is > >this > >a > > > hack attempt? > > > > > > System is rhl7.3 > > > > > > _____________________ > > > Devon Harding > > > System Administrator > > > Gilat Latin America > > > 954-858-1600 > > > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > > > > > This e-mail is intended for the above named addressee(s), and may > >contain > > > information which is confidential or privileged. If you are not the > >intended > > > recipient, please inform us immediately: you should not copy or use this > > > e-mail for any purpose nor disclose its contents to any person. > > > > > > _________________________________________________________________ > MSN 8 with e-mail virus protection service: 2 months FREE* > http://join.msn.com/?page=features/virus -- Henrik Nordstrom <[EMAIL PROTECTED]> MARA Systems AB, Sweden
