My apologies, I sent this message to Rodo instead to the list. Damn. I will pay more attention to what I am doing in the future. My apologies also to Rodo for the double post.
---------- Forwarded message ---------- From: Carlo Fusco<fusco.carlo@gmail.com> Date: Wed, Sep 7, 2016 at 10:54 AM Subject: Re: wrong section in Squid network based access control To: "R. W. Rodolico" <rodo@dailydata.net>
On Tue, Sep 6, 2016 at 8:12 PM, R. W. Rodolico <rodo@dailydata.net> wrote:
Honestly, I do not know. Maybe we can get information from one of the
developers? Unless you know for certain? It sounds like you have used
the proxy a lot more than I have. Do you know for sure which way it works?
I am quite positive. If I check that box, it will write this on /var/ipfire/proxy/squid.conf
The code looks simple enough to me. The first line allows the blue network to access the blue IP space. The second line denies access to the rest of the network (IPFire_servers), which in my case is green and orange IP space. The exception is the IPFire machine itself (IPFire_ips) which is allowed.
Besides, the comment "Prevent internal proxy access from Blue except IPFire itself" looks to me quite clear.
If there are no objections, I would correct the text in the wiki.