[clug] Enforce SSH tunnel to squid proxy
nightweaver at thebhg.org
Tue Sep 23 12:15:44 EST 2003
On 20:58 Mon 22 Sep , Geoff Smith wrote:
> I'm trying to enforce the use of SSH tunnels on my network. I've got
> squid running on a gateway box, and I can set up an SSH tunnel to port
> 3128 on that box no worries.
> The problem is that you can connect to the squid server even if you
> aren't using an ssh tunnel. How can I change this so that only requests
> going through an ssh tunnel get through?
(Don't actually know these work, just ideas...)
Can you bind squid to 127.0.0.1 instead?
Does squid respect ets/hosts.allow and /etc/hosts.deny ?
The first relies on you tunnelling directly to the box with squid, but
the second lets you have another box in the middle if you so choose
(which may be useful in some situations).
More information about the linux