线上squid防火墙配置
發現日志里好多垃圾日志:如
013/05/20 23:48:23 kid12| WARNING: CONNECT method received on http Accelerator port 80
2013/05/20 23:48:23 kid12| WARNING: for request: CONNECT mxs.mail.ru:25 HTTP/1.0
2013/05/20 23:48:25 kid12| WARNING: CONNECT method received on http Accelerator port 80
2013/05/20 23:48:25 kid12| WARNING: for request: CONNECT proxylist.co:443 HTTP/1.1
Host: proxylist.co:443
Proxy-Connection: Keep-Alive
2013/05/20 23:48:56 kid12| WARNING: CONNECT method received on http Accelerator port 80
2013/05/20 23:48:56 kid12| WARNING: for request: CONNECT cas.sdo.com:443 HTTP/1.0
User-Agent: Mozilla/4.0
Host: cas.sdo.com:443
Content-Length: 0
上線那會,我把防火墻關閉了,限制只代理某些域名,這些用戶訪問其他的拒絕;
最近查日志,煩了,內容太多,只想放開80和22,161端口;備注(本人環境是DELL服務器,centos 6.2 ?需要各位注意網卡名)
iptables -F iptables -X iptables -Z iptables -F INPUT iptables -A INPUT -i em1 -p tcp --dport 80 -j ACCEPT iptables -A INPUT -i em1 -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i em1 -p udp --dport 161 -j ACCEPT iptables -P INPUT DROP /etc/init.d/iptables save轉載于:https://blog.51cto.com/luyafei/1205268
總結
以上是生活随笔為你收集整理的线上squid防火墙配置的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: EditText 不弹出软件键盘
- 下一篇: jvm垃圾内存回收问题