From: Roddie H. <ro...@kr...> - 2003-07-27 00:47:59
|
Gunnar, > interfaces at the same time (without also listening to > eth1, the internet connection). I would also be able > to solve the problem by routing, but I'd prefer > setting listen-address if possible. Hal and company can answer for sure, but according to the comments that I can see in the config file, you can only have one listen-address or else listen on all interfaces. However, the ACL feature looks like it will help you protect yourself from eth1 access. If you have no listen-address configured, privoxy will listen to all interfaces. Then you can configure an ACL like: permit-access 192.168.6.0/23 or if privoxy doesn't let you supernet: permit-access 192.168.6.0/24 permit-access 192.168.7.0/24 There is an implicit deny-access at the end, apparently, so that will block any other source addresses. You could also block tcp 8118 inbound on eth1 with whatever firewall software you're running on the box. Curious - Have you tried configuring a pair of listen-address statements? Hope that helps! Roddie -- <>> Roddie Hasan CCIE #7472, CCNP, CCDP, SCSA, MCSE <>> Sr. Network Design Engineer - Federal Reserve Bank |