<answer1>
Why do you want this? standard port range is 1024:4999 (cat
/proc/sys/net/ipv4/ip_local_port_range), you can change this by doing
echo "32000 59000" > /proc/sys.../ip_local_port_range
This is default TCP/IP behaviour, it seems you don't really know about
tcp/ip, so don't change this.
Markus
</answer1> </answer2>
What do you propose to achieve by doing that? It won't give you any more
security, if that's what you're thinking. Oh, and to answer your question, I
don't think it's possible to restrict the source port range used by Squid
only.
Cheers,
Tobias
</answer2> Hello First thx for your answers. The reason why I tried to do this is to restrict access to my proxy from external. Only 5 IP addresses should be allowed to connect to it. Of course, I have done this with ACL's but I think it's allways save to doublecheck such access from the net. Now, you tould me (ok ok, I missed this point :-( ) that the local port usage is restricted to ports lower 5000 I'm going to set squid listening on a port > 5000 and my problem is solved! Changing the ipchains to filter the input was no problem and now I think everything should work. Thanks for your help & time D. Lord -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net