Hello all.
Few days ago I created a SQUID transparent server. Looks good so far. Requests for http go through the proxy server (verified via the logs). However, I am buffled with something.
The client machine is using as its Default Gateway the IP of the Squid server. The Squid server allows for http connections but there is nothing defined for SSH in the ACLs. Despite that I can SSH to whatever machine I want.
Since everything is going through the Proxy server and there is no ACL defined to allow SSH connections, I should not be able to SSH to any of my machines. Yes? No? Below are all of my ACLs
acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http Thank you:)
[link][8 comments]