need squid help

Marcos Aurelio Rodrigues deigratia33 at gmail.com
Wed Apr 2 17:55:07 UTC 2008


I think blocking with iptables is not the right way to do that, because the
proxy will process all the requests and then the OS will block the connection
on port 443.

Maybe this works for you:

acl ALLOWED dstdomain .gmail.com .google.com .hotmail.com
acl SSL_ports port 443
http_access allow SSL_ports ALLOWED
http_access deny SSL_ports
http_access allow all


-- 
========================================
Marcos Aurelio Rodrigues (DEiGrAtiA-33)
<deigratia33 at gmail.com>
CCNA, MCSO
Mirabilia laudo semprer, Dei
========================================

On Tue, Apr 1, 2008 at 3:39 AM, Vivek Mangal <vivek.mangal9685 at gmail.com>
wrote:

>  I think we should append this rule, not insert it, then
> /sbin/iptables -A OUTPUT -p tcp --dport 443 -j DROP
> otherwise it blocks all requests on port 443.
> Tell me if I am wrong.
>
> > So , in your case the following rules should work:
> >
> > ### First allow ###
> > /sbin/iptables -I OUTPUT -d gmail.com -p tcp --dport 443 -j ACCEPT
> > /sbin/iptables -I OUTPUT -d <GTALK IP > -p tcp --dport 443 -j ACCEPT
> >
> > ### Then Deny ###
> > /sbin/iptables -I OUTPUT -p tcp --dport 443 -j DROP
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
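
Added example (not part of the original message, and not Squid's own code): a small Python model of how Squid evaluates the http_access lines suggested above, using that configuration with the ACL name spelled ALLOWED throughout. The function names and the sample hosts are constructed for illustration, and only the dstdomain and port ACL types are modelled.

```python
# Added example: minimal model of Squid http_access evaluation. Only "dstdomain"
# and "port" ACLs are modelled; "all" is assumed to be the match-everything ACL.
CONFIG = """\
acl ALLOWED dstdomain .gmail.com .google.com .hotmail.com
acl SSL_ports port 443
http_access allow SSL_ports ALLOWED
http_access deny SSL_ports
http_access allow all
"""

def parse(config):
    acls, rules = {}, []
    for line in config.splitlines():
        words = line.split()
        if words and words[0] == "acl":
            acls[words[1]] = (words[2], words[3:])      # name -> (type, values)
        elif words and words[0] == "http_access":
            rules.append((words[1], words[2:]))         # (action, ACL names)
    return acls, rules

def acl_matches(acls, name, host, port):
    if name == "all":
        return True
    kind, values = acls[name]
    if kind == "port":
        return str(port) in values
    if kind == "dstdomain":
        host = host.lower().rstrip(".")
        # ".gmail.com" matches gmail.com and its subdomains, but only on a
        # label boundary, so "notgmail.com" does not match.
        return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
                   for v in values)
    raise ValueError("ACL type not modelled: " + kind)

def decide(config, host, port):
    """The first http_access line whose ACLs all match decides the request."""
    acls, rules = parse(config)
    for action, names in rules:
        if all(acl_matches(acls, n, host, port) for n in names):
            return action
    if not rules:
        return "deny"  # no http_access lines at all: Squid denies
    # Nothing matched: the default is the opposite of the last line's action.
    return "deny" if rules[-1][0] == "allow" else "allow"

if __name__ == "__main__":
    for host, port in [("mail.google.com", 443), ("www.example.com", 443),
                       ("www.example.com", 80), ("notgmail.com", 443)]:
        print(host, port, decide(CONFIG, host, port))
```

Swapping the allow and deny lines for SSL_ports makes every request to port 443 return deny, because the first matching line wins.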


