Allow specific https sites on squid

Corey Edwards tensai at zmonkey.org
Thu Oct 7 16:08:19 MDT 2010


On 10/07/2010 07:57 AM, Jessie Morris wrote:
> On 10/6/10 9:02 PM, Thara wrote:
>> Guys, 
>> any idea how to block https port 443 and allow some specific sites on squid. Tnx
> 
> Doing this would likely be a firewall thing, from the way you make it
> sound. Something like:
> 
> iptables -P input -p tcp --dport 443 -j DROP
> iptables -P input -p tcp --dport 443 -s 127.0.0.1 -j ACCEPT

Your syntax is a little off. iptables -P sets the default policy. You
probably wanted -A.

iptables -A INPUT -p tcp --dport 443 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j DROP

No comment as to whether this will solve the OP's issue. I don't quite
understand the question.

Corey


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
Url : http://plug.org/pipermail/plug/attachments/20101007/52ed97fd/attachment.bin 


More information about the PLUG mailing list