Ip_allow.config has "per source" rules, now I've applied a couple of new rules in iptables:
PORTS USED trafficserver: 8080,8083,8084 (should be granted access to these ports?) allowed local resources (127.0.0.1): 80,8087,8090,8093 (web services) ATS USER uid=501(ats) gid=501(ats) groups=501(ats) FIREWALL ADDED RULES: -A OUTPUT -m tcp -p tcp --match multiport -d 127.0.0.1/8 --dports 80,8080,8083,8084,8087,8090,8093 -m owner --uid-owner 501 -j ACCEPT -A OUTPUT -m tcp -p tcp -d 127.0.0.1/8 -m owner --uid-owner 501 -j REJECT -----Original Message----- From: James Peach [mailto:jpe...@apache.org] Sent: martedì 7 ottobre 2014 19:58 To: dev@trafficserver.apache.org Subject: Re: localhost access On Oct 7, 2014, at 9:25 AM, Luca Rea <luca....@contactlab.com> wrote: > Hi, > my proxy receive requests for localhost (127.0.0.1:xxxx), how can I deny > access to local resources? Does ip_allow work for this case? https://docs.trafficserver.apache.org/en/latest/reference/configuration/ip_allow.config.en.html
