1 |
On 01/20/10 21:24, Adam wrote: |
2 |
>On 01/20/10 16:53, Joseph wrote: |
3 |
>> I'm testing squid and want to allow only one domain but it is not |
4 |
>> working (using iptable + squid) |
5 |
>> iptable: |
6 |
>> ACCEPT tcp -- anywhere anywhere tcp |
7 |
>> dpt:http owner UID match squid |
8 |
>> ACCEPT tcp -- anywhere anywhere tcp |
9 |
>> dpt:3128 owner UID match squid |
10 |
>> REDIRECT tcp -- anywhere anywhere tcp |
11 |
>> dpt:http redir ports 3128 |
12 |
> |
13 |
>Using "owner" is incorrect, as the packets are not locally generated so |
14 |
>the OS has no user context for them. |
15 |
|
16 |
In a squid log I get: |
17 |
|
18 |
1263964263.464 0 192.168.1.5 NONE/400 1828 GET / - NONE/- text/html |
19 |
|
20 |
All I have access is to localhost:361 anything else local is denied including www |
21 |
What should I use instead of owner? |
22 |
I was following this guide: |
23 |
http://www.linux.com/archive/articles/113733 |
24 |
|
25 |
It worked with dansguardian in between but I was trying to by-pass the dansguardian as I only need to allow access to one or two web-pages. |
26 |
|
27 |
|
28 |
-- |
29 |
Joseph |