I have a Squid 3.0 reverse proxy setup to route traffic to 4 different web servers based on HTTP headers.
I've now setup a php file which runs a shell script on a web server. I would like for this one page to only be accessible from 4 specific IP addresses and everything else to be accessible from anywhere.
So
www.censored.com/pull-latest-from-github.php can only be accessed from 123.456.789.10 and 111.222.333.444 and 13.37.45.5
I have attached my squid.conf file. Could I have some help setting this up please? Can squid actually do what I want?
Cheers.
Details:
Ubuntu 10.4
Squid 3.0.STABLE26
Extract from /etc/squid3/squid.conf
Code:
visible_hostname censored.com
http_port 80 accel defaultsite=www.censored.com vhost
https_port 443 accel cert=/usr/newrprgate/CertAuth/cert.cert key=/usr/newrprgate/CertAuth/key.pem defaultsite=1.2.3.4 vhost
forwarded_for on
cache_peer api.censored.com parent 443 0 no-query originserver ssl sslversion=3 sslflags=DONT_VERIFY_PEER front-end-https=on name=api
acl sites_api dstdomain api.censored.com
cache_peer_access api allow sites_api
acl https proto https
cache_peer test-api.censored.com parent 443 0 no-query originserver ssl sslversion=3 sslflags=DONT_VERIFY_PEER front-end-https=on name=test-api
acl sites_test-api dstdomain test-api.censored.com
cache_peer_access test-api allow sites_test-api
acl https proto https
cache_peer www.censored.com parent 80 0 no-query originserver name=www
acl sites_www dstdomain www.censored.com
cache_peer_access www allow sites_www
acl http proto http
cache_peer test-www.censored.com parent 80 0 no-query originserver name=test-www
acl sites_test-www dstdomain test-www.censored.com
cache_peer_access test-www allow sites_test-www
acl http proto http
acl melbourne src 0.0.0.0/0
http_access allow melbourne
access_log /var/log/squid/access.log
cache_mgr username@sanatised.com
