
I have an anonymous squid proxy server running and I would like it to drop requests from any non-approved IP.

I've limited access already via ACLs in the squid config. However, if someone tries to access the proxy they get a default squid page advising access is denied. I'd like to remove that step and just have any requests to the proxy port dropped completely to obfuscate it further.

I have fail2ban set up to restrict ssh access. Would this be the best way to go by adding an additional rule for squid or is there an iptables command I could use instead?

Thanks!

1 Answer

    iptables -A INPUT -p TCP --dport (squidport) -s A,B,C,... -j ACCEPT
    iptables -A INPUT -p TCP --dport (squidport) -j DROP

Replace A,B,C,... with a comma-separated list of allowed IPs.

The second line is only needed if you don't drop by default (which is highly recommended).

  • Perfect thank you. Just had to change ALLOW to ACCEPT and it worked a treat :) Commented Dec 6, 2016 at 2:32
  • @popcornuk Ah yeah that always trips me up. Locked myself out of a few remote servers that way. Commented Dec 6, 2016 at 2:40
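
Added example (not part of the answer or comments above): a POSIX shell helper that validates the port and source list, then prints the answer's ACCEPT-then-DROP pair for review. It goes a step beyond the answer by placing the pair in a dedicated chain so that re-running it does not stack duplicate rules. The chain name PROXY_ALLOW, port 3128 and the documentation-range addresses are assumptions.

```shell
#!/bin/sh
# Added example: print (not run) an allowlist for a proxy port so it can be reviewed.
# PROXY_ALLOW, port 3128 and the sample sources are assumptions, not from the page.

valid_port() {  # digits only, 1-65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_source() (  # dotted-quad IPv4, optional /0-32 prefix, no leading zeros
    addr=${1%%/*}
    case "$1" in */*)
        prefix=${1#*/}
        case "$prefix" in ''|*[!0-9]*|???*) exit 1 ;; esac
        [ "$prefix" -le 32 ] || exit 1 ;;
    esac
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $addr
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
    done
)

# usage: emit_rules PORT SOURCE...
emit_rules() (
    port=$1; shift
    valid_port "$port" || { echo "bad port: $port" >&2; exit 1; }
    # A DROP with no ACCEPT in front of it would block every client.
    [ "$#" -gt 0 ] || { echo "no allowed sources given" >&2; exit 1; }
    list=
    for src in "$@"; do
        valid_source "$src" || { echo "bad source: $src" >&2; exit 1; }
        list=${list:+$list,}$src
    done
    chain=PROXY_ALLOW
    # Create the chain, or flush it if it already exists, then rebuild it.
    echo "iptables -N $chain 2>/dev/null || iptables -F $chain"
    echo "iptables -A $chain -s $list -j ACCEPT"
    echo "iptables -A $chain -j DROP"
    # Hook the chain into INPUT only if the jump is not already present.
    echo "iptables -C INPUT -p tcp --dport $port -j $chain 2>/dev/null || iptables -I INPUT -p tcp --dport $port -j $chain"
)

emit_rules 3128 192.0.2.10 198.51.100.0/24   # constructed sample input
```

The rules match only the proxy port, so SSH and other services keep whatever rules they already have.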
