Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 37161

Summary: squid listens on all interfaces
Product: Gentoo Linux Reporter: Axxackall <axxackall>
Component: [OLD] ServerAssignee: Donny Davies (RETIRED) <woodchip>
Status: VERIFIED WORKSFORME    
Severity: critical CC: jstubbs
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Axxackall 2004-01-03 20:57:17 UTC 
At a server with two interfaces, internal and external, I am trying to limit squid to listen port 80 only on internal interface. Two reasons: I need port 80 on external inerface for Apache and there is no need to serve any proxy for any external proxy clients.

The problem is that squid-2.5.4 ignore the address in http_port setting and binds itself to listen on all interfaces.

Reproducible: Always
Steps to Reproduce:
1. http_port internal_ip 80

Actual Results:  
squid answers on proxy requests from outside

Expected Results:  
It is expected that Squid will bind itself only to listen on the internal interface.

I think it is a critical security bug.
Comment 1 Axxackall 2004-01-06 15:18:09 UTC 
Typo in docs I used: must be colomn instead of second whitespace

http_port internal_ip:80
Comment 2 Andrew Bevitt 2004-04-30 19:35:09 UTC 
No need to keep resolved.