[Qa-jenkins-scm] [jenkins.debian.net] 03/04: allow proxy access -- the VNC ports thing is odd though

Holger Levsen holger at layer-acht.org
Wed May 11 19:56:06 UTC 2016 

This is an automated email from the git hooks/post-receive script.

holger pushed a commit to branch master
in repository jenkins.debian.net.

commit 6e3899e592d50701b497474c044d912f40233fcc
Author: Philip Hands <phil at hands.com>
Date:   Wed May 11 17:25:01 2016 +0200

    allow proxy access -- the VNC ports thing is odd though
    
    It seems that the virt-viewer session gets tangled up
    with the proxy, such that sikuli cannot see the screen without
    this VNC_ports access allowed.
---
 hosts/jenkins-test-vm/etc/squid3/squid.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/hosts/jenkins-test-vm/etc/squid3/squid.conf b/hosts/jenkins-test-vm/etc/squid3/squid.conf
index 515d537..27b1559 100644
--- a/hosts/jenkins-test-vm/etc/squid3/squid.conf
+++ b/hosts/jenkins-test-vm/etc/squid3/squid.conf
@@ -697,7 +697,7 @@
 # Example rule allowing access from your local networks.
 # Adapt to list your (internal) IP networks from where browsing
 # should be allowed
-#acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
+acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
 #acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
 #acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
 #acl localnet src fc00::/7       # RFC 4193 local private network range
@@ -714,6 +714,7 @@ acl Safe_ports port 280		# http-mgmt
 acl Safe_ports port 488		# gss-http
 acl Safe_ports port 591		# filemaker
 acl Safe_ports port 777		# multiling http
+acl VNC_ports port 5900-5999	# VNC ports
 acl CONNECT method CONNECT
 
 #  TAG: follow_x_forwarded_for
@@ -822,6 +823,7 @@ http_access deny manager
 # Deny requests to certain unsafe ports
 http_access deny !Safe_ports
 
+http_access allow CONNECT VNC_ports
 # Deny CONNECT to other than secure SSL ports
 http_access deny CONNECT !SSL_ports
 
@@ -837,7 +839,7 @@ http_access deny CONNECT !SSL_ports
 # Example rule allowing access from your local networks.
 # Adapt localnet in the ACL section to list your (internal) IP networks
 # from where browsing should be allowed
-#http_access allow localnet
+http_access allow localnet
 http_access allow localhost
 
 # And finally deny all other access to this proxy

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/qa/jenkins.debian.net.git

More information about the Qa-jenkins-scm mailing list