Took my squid down

Discussion in 'Help Iran Online' started by Unregistered, Jun 29, 2009.

  1. I'd been using pretty much the same config file available at Austin heap, ect. Had alot of open connections and plenty of traffic, but couldn't find any evidence at all that access was restricted to Iranian IPs. I did a Whois on a big slew of IP's captured by my router log; found maybe one Iranian IP amongst the Brasilian, French, American ones. I realize I'm a big retard who has no idea what he's doing, but the point is that I've been trying mightily to learn and it's just freakin' impenetrable. If anyone cares to help me do a post mortem so my dumb ass can learn something from the experience, please post here. Thanks.

    BTW, here's my config file:

    acl all src all
    acl manager proto cache_object
    acl localhost src
    acl to_localhost dst
    acl localnet src # RFC1918 possible internal network
    acl localnet src # RFC1918 possible internal network
    acl localnet src # RFC1918 possible internal network
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access allow CONNECT all
    http_access allow localnet
    acl TRUSTED1 src
    acl TRUSTED2 src
    acl TRUSTED3 src
    acl TRUSTED4 src
    http_access allow TRUSTED1
    http_access allow TRUSTED2
    http_access allow TRUSTED3
    http_access allow TRUSTED4
    http_access deny all
    icp_access allow localnet
    icp_access deny all
    follow_x_forwarded_for allow all
    #ssl_engine off
    http_port 4570
    http_port 4571
    http_port 4572
    http_port 4573
    http_port 4574
    http_port 4575
    http_port 4576
    http_port 4577
    http_port 4578
    http_port 4579
    hierarchy_stoplist cgi-bin ?
    access_log none
    cache_store_log none
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern . 0 20% 4320
    #acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
    #upgrade_http0.9 deny shoutcast
    acl apache rep_header Server ^Apache
    broken_vary_encoding allow apache
    forwarded_for off
    header_access X-Forwarded-For deny all
    header_access Via deny all
    client_db off
    coredump_dir none

Share This Page

Customize Theme Colors


Choose a color via Color picker or click the predefined style names!

Primary Color :

Secondary Color :
Predefined Skins