| 1 |
On 01/20/10 21:24, Adam wrote: |
| 2 |
>On 01/20/10 16:53, Joseph wrote: |
| 3 |
>> I'm testing squid and want to allow only one domain but it is not |
| 4 |
>> working (using iptable + squid) |
| 5 |
>> iptable: |
| 6 |
>> ACCEPT tcp -- anywhere anywhere tcp |
| 7 |
>> dpt:http owner UID match squid |
| 8 |
>> ACCEPT tcp -- anywhere anywhere tcp |
| 9 |
>> dpt:3128 owner UID match squid |
| 10 |
>> REDIRECT tcp -- anywhere anywhere tcp |
| 11 |
>> dpt:http redir ports 3128 |
| 12 |
> |
| 13 |
>Using "owner" is incorrect, as the packets are not locally generated so |
| 14 |
>the OS has no user context for them. |
| 15 |
|
| 16 |
In a squid log I get: |
| 17 |
|
| 18 |
1263964263.464 0 192.168.1.5 NONE/400 1828 GET / - NONE/- text/html |
| 19 |
|
| 20 |
All I have access is to localhost:361 anything else local is denied including www |
| 21 |
What should I use instead of owner? |
| 22 |
I was following this guide: |
| 23 |
http://www.linux.com/archive/articles/113733 |
| 24 |
|
| 25 |
It worked with dansguardian in between but I was trying to by-pass the dansguardian as I only need to allow access to one or two web-pages. |
| 26 |
|
| 27 |
|
| 28 |
-- |
| 29 |
Joseph |
Archives