mirror of
https://github.com/kasmtech/workspaces-core-images.git
synced 2024-11-07 08:04:06 +01:00
KASM-1934 Removed set of allowed ports, allow all now
This commit is contained in:
parent
5dbde177c0
commit
43da0c244e
@ -7,7 +7,7 @@ acl blocked_websites dstdomain "/etc/squid/blocked.acl"
|
||||
http_access deny blocked_websites
|
||||
|
||||
acl ssl_bypass_domains ssl::server_name "/etc/squid/ssl_bump_bypass_domains.conf"
|
||||
acl ssl_bypass_ips dst "/etc/squid/ssl_bump_bypass_ips.conf
|
||||
acl ssl_bypass_ips dst "/etc/squid/ssl_bump_bypass_ips.conf"
|
||||
|
||||
deny_info ERR_ACCESS_DENIED blocked_websites
|
||||
acl step1 at_step SslBump1
|
||||
@ -17,19 +17,13 @@ ssl_bump splice ssl_bypass_ips
|
||||
ssl_bump bump all
|
||||
|
||||
acl SSL_ports port 443
|
||||
acl Safe_ports port 80 # http
|
||||
acl Safe_ports port 21 # ftp
|
||||
acl Safe_ports port 443 # https
|
||||
acl Safe_ports port 70 # gopher
|
||||
acl Safe_ports port 210 # wais
|
||||
acl Safe_ports port 1025-65535 # unregistered ports
|
||||
acl Safe_ports port 280 # http-mgmt
|
||||
acl Safe_ports port 488 # gss-http
|
||||
acl Safe_ports port 591 # filemaker
|
||||
acl Safe_ports port 777 # multiling http
|
||||
acl CONNECT method CONNECT
|
||||
|
||||
http_access deny !Safe_ports
|
||||
# The following two lines are an example of how we can leaverage squid to block ports, there can be as
|
||||
# many acl statements adding ports to Safe_ports as are needed.
|
||||
#acl Safe_ports port 443 # https
|
||||
#http_access deny !Safe_ports
|
||||
|
||||
http_access deny CONNECT !SSL_ports
|
||||
http_access allow localhost manager
|
||||
http_access deny manager
|
||||
|
Loading…
Reference in New Issue
Block a user