On ons, 2008-10-15 at 16:16 +1300, Amos Jeffries wrote:
> If anyone identifies your public IP they can point a domain DNS at your
> IP and have it accelerated. Or even configure port 80 as their proxy IP
> and browse through it. A firewall or NAT layer cannot prevent this
> happening.
Only if always_direct is also used.. without always_direct in effect
accelerated requests is not allowed to go direct and only allowed to be
forwarded to known servers (cache_peer). This is just to make sure it's
not too easy to make this kind of bad configuration you talk about.
Regards
Henrik
This archive was generated by hypermail 2.2.0 : Wed Oct 15 2008 - 12:00:03 MDT