公司在美国的一个代理已不够了。
再加一个吧。一个对全公司同事,一个对重要职位的。吼吼。。。
参考贴:
http://zhidao.zgsj.com/article/13/201146160943.shtml
http://www.reaper-x.com/2011/10/17/how-to-install-squid-proxy-on-windows/
Restricting access to your Squid Proxy Server
To limit on who are allowed to connect to your Proxy Server, you should change / add the allowed IP Address that is allowed to connect to your squid proxy at below section
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
By using the same format as the above code for example, acl localnet src 123.456.789.0
And then right before http_access allow localnet, add http_access allow localhost so it looks like:
http_access allow localhost http_access allow localnet
And finally if you don’t want Squid to bind to all adapters (which is the default) you might want to change Squid Listen Address and Port to your LAN IP Address or if you’re just going to use Squid for yourself only then you should use below
# Default http_port 3128 # Bind to localhost at port 3128 only http_port 127.0.0.1:3128
Limiting access to specific ports only
If you need to limit on which ports your Squid proxy clients are allowed to connect to, then you need to adjust this
acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http
For example if you want to limit your clients to HTTP and HTTPS only, then you can remove / comment all the other lines beside 80 and 443
