I thought this would be easy but it's not working for some reason and i'm not sure why. working absolute bare-minimum squid
acl localnet src 192.168.x.x/255.255.x.x
never_direct allow localnet
http_access allow localnet
if I add
acl standalonenet src 172.16.10.0/255.255.255.240
never_direct allow localnet standalonenet
http_access allow localnet standalonenet
restarts no problem
now new & previous working 192.168 network is access denied
I've narrowed it down. everything gets denied the second i put standalonenet on http_access allow
here's the situation:
squid proxy with 2 nics, 1 internal 1 external
I need an isolated subnet internally with internet access.
Plan was : Give the internal network card an eth0:1 address, allow it through squid.
apparently it's not as simple as I imagined
ok it doesn't break if I use http_access allow all
I can't see a problem using that....
172 workstation times out on webpage requests... wondering if that's because there's no dns on the 172 network....
remembered never_direct in squid config
now it all works with never_direct allow all
hopefully allow all isn't making it hopelessly insecure in ways I can't foresee.
Last edited by browolf; 13th January 2011 at 12:00 PM.
There are currently 1 users browsing this thread. (0 members and 1 guests)