Allowing a port only to certain IP/host

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Allowing a port only to certain IP/host

neok
Hello everyone, I need to enable port 22 in squid but only to a certain server (host.domain.com) in particular, so that the rest of the world cannot be accessed via SSH.
I would like to know this is the right way to do it:

# SFTP policy
acl SSH_port port 22
acl SFTP_policy dst 1.2.3.4
http_access allow SFTP_policy SSH_port localnet
[...]
http_access deny !Safe_ports
[...]

I'd appreciate your comments.
Kind regards
Gabriel

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Allowing a port only to certain IP/host

Antony Stone
On Monday 09 March 2020 at 15:43:14, Service MV wrote:

> Hello everyone, I need to enable port 22 in squid but only to a certain
> server (host.domain.com) in particular, so that the rest of the world
> cannot be accessed via SSH.

Squid does not support SSH.

> I would like to know this is the right way to do it:

Use iptables or whatever other firewall software you use on your gateway router
to block all TCP port 22 outbound access except destination host.domain.com


Antony.

--
"640 kilobytes (of RAM) should be enough for anybody."

 - Bill Gates

                                                   Please reply to the list;
                                                         please *don't* CC me.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Allowing a port only to certain IP/host

Majed


On Mon, 2020-03-09 at 15:48 +0100, Antony Stone wrote:

> On Monday 09 March 2020 at 15:43:14, Service MV wrote:
>
> > Hello everyone, I need to enable port 22 in squid but only to a
> > certain
> > server (host.domain.com) in particular, so that the rest of the
> > world
> > cannot be accessed via SSH.
>
> Squid does not support SSH.
>
> > I would like to know this is the right way to do it:
>
> Use iptables or whatever other firewall software you use on your
> gateway router
> to block all TCP port 22 outbound access except destination
> host.domain.com
>
>
> Antony.
>
yeah he's up to no good again

https://articles.mercola.com/sites/articles/archive/2020/03/10/why-bill-gates-accelerating-toxic-food-system.aspx?cid_source=dnl&cid_medium=email&cid_content=art2ReadMore&cid=20200310Z1&et_cid=DM478066&et_rid=826674687


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users