Enhancement #3101
Web proxy: add property for Squid safe ports
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-squid | |||
Target version: | v6.6 | |||
Resolution: | NEEDINFO: | No |
Description
Safe ports are a list of ports where the proxy can connect.
If a port is not inside the safe ports list, the proxy will refuse to contact the server.
For example, given a HTTP service running on port 112233, the server can't be accessed using the proxy.
Create a SafePorts property to allow the customization of allowed ports.
Related issues
Associated revisions
squid.conf template: add support for custom safe ports. Refs #3101
History
#1 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.6
- % Done changed from 0 to 20
#2 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#3 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 30 to 60
Added SafePorts
option, the options doesn't replace existing list of safe ports.
The new property can be a comma-separated list of ports which will be added to the default list of safe ports.
To get the default safe ports list, just execute:
grep Safe_ports /etc/squid/squid.conf
#4 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
Package in nethserver-testing:
- nethserver-squid-1.3.2-1.1.g15425b6.ns6.noarch.rpm
- Try to set new safe ports:
config setprop squid SafePorts 446,447
- Check the ports are listed inside squid.conf
grep Safe_ports /etc/squid/squid.conf
- Check squid is running
#5 Updated by Filippo Carletti over 6 years ago
- Status changed from ON_QA to VERIFIED
- % Done changed from 70 to 90
config setprop squid SafePorts 446
Update to nethserver-squid-1.3.2-1.2.g8eb5fbb.ns6.noarch
# grep Safe_ports /etc/squid/squid.conf acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 980 # httpd-admin (server-manager) *acl Safe_ports port 446*
#6 Updated by Giacomo Sanchietti over 6 years ago
- Related to Enhancement #3106: Web proxy: add prop for squid SSL_ports added
#7 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
Released in nethserver-updates:
- nethserver-squid-1.3.3-1.ns6.noarch.rpm
Also updated documentation.