If you only want to get going, and no security issues to worry about
then all you have to do is to start Squid and reconfigure the browsers
to use the proxy. The default config is a non-restricted public proxy.
In most "firewall" situations there are however two security issues:
* Controlling which ones that are allowed to use the proxy
* Controlling what people use it to
Both of these checks is done with ACL lists in squid.conf.
The first ACL lists you should use is
acl localnet src 10.1.1.0/255.255.255.0
(replace 10.1.1.0 with your network address)
and change
http_access allow all
to
http_access allow localnet
http_access deny all
and
icp_access allow all
to
icp_access deny all
Then read the "ACCESS CONTROL" section in squid.conf, and decide what
you really want to control.
--- Henrik Nordström Sparetime Squid HackerReceived on Mon Feb 09 1998 - 15:15:15 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:50 MST