Allow proxying to any ports

On the assumption they're HTTP, it's probably fine to route to anything. We're not trying to act as a firewall
This commit is contained in:
Jake Howard 2022-11-06 22:16:48 +00:00
parent b9283ec445
commit 2bbd1c681b
Signed by: jake
GPG key ID: 57AFB45680EDD477

View file

@ -16,18 +16,6 @@ acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
# Only allow HTTPS
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost # Only allow cachemgr access from localhost
http_access allow localhost manager http_access allow localhost manager
http_access deny manager http_access deny manager