/[smeserver]/rpms/e-smith-proxy/sme9/e-smith-proxy-5.4.0-deny_self_dst.patch
ViewVC logotype

Contents of /rpms/e-smith-proxy/sme9/e-smith-proxy-5.4.0-deny_self_dst.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Tue Apr 14 09:01:10 2015 UTC (9 years, 1 month ago) by vip-ire
Branch: MAIN
CVS Tags: e-smith-proxy-5_4_0-5_el6_sme, e-smith-proxy-5_4_0-4_el6_sme, HEAD 
* Tue Apr 14 2015 Daniel Berteaud <daniel@firewall-services.com> 5.4.0-4.sme
- Prevent forwarding loop when talking directly to squid port [SME: 8907]
1 diff -Nur e-smith-proxy-5.4.0/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10localhost e-smith-proxy-5.4.0_bz8907/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10localhost
2 --- e-smith-proxy-5.4.0/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10localhost 2015-04-13 15:35:20.105000000 +0200
3 +++ e-smith-proxy-5.4.0_bz8907/root/etc/e-smith/templates/etc/squid/squid.conf/20ACL10localhost 2015-04-13 15:55:02.575000000 +0200
4 @@ -18,5 +18,7 @@
5 }
6
7 $OUT .= "acl localsrc src $localAccess\n";
8 - $OUT .= "acl localdst dst $localAccess";
9 + $OUT .= "acl localdst dst $localAccess\n";
10 + $OUT .= "acl selfdst dst 127.0.0.1 $LocalIP\n";
11 + $OUT .= "acl selfport port " . ($squid{TCPPort} || '3128');
12 }
13 diff -Nur e-smith-proxy-5.4.0/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access40denySelf e-smith-proxy-5.4.0_bz8907/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access40denySelf
14 --- e-smith-proxy-5.4.0/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access40denySelf 1970-01-01 01:00:00.000000000 +0100
15 +++ e-smith-proxy-5.4.0_bz8907/root/etc/e-smith/templates/etc/squid/squid.conf/40http_access40denySelf 2015-04-13 15:53:47.920000000 +0200
16 @@ -0,0 +1 @@
17 +http_access deny selfdst selfport
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed