jegyzet

https://www.centos.org/forums/viewtopic.php?t=8801

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 221.120.96.0/21
acl mylan src 172.16.110.0/24

acl blocked_site dstdomain “/etc/squid/blocked”
http_access deny blocked_site

acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow localhost
http_access allow mylan
http_access allow localnet
http_access deny all

http_port 3128 transparent
https_port 3129 transparent

————————————————————————————————–

Here’s the iptables rules for my server machine:-

—————————————————————————————————

iptables -t nat -A POSTROUTING -s 172.16.110.0/255.255.255.0 -j SNAT –to-source 221.120.97.54
iptables -t nat -A PREROUTING -s 172.16.110.0/255.255.255.0 -p tcp –dport 80 -j REDIRECT –to-port 3128
iptables -t nat -A PREROUTING -s 172.16.110.0/255.255.255.0 -p tcp –dport 443 -j REDIRECT –to-port 3129

Leave a Reply