From: Amos Jeffries <squid3@treenet.co.nz>
Date: Mon, 11 Aug 2014 17:39:56 +0000 (-0700)
Subject: Docs: audit updates
X-Git-Tag: SQUID_3_5_0_1~75^2~10
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c390580b18db9ef4d46395a93a8bafab438c7f8c;p=thirdparty%2Fsquid.git

Docs: audit updates
---

diff --git a/src/cf.data.pre b/src/cf.data.pre
index 53e0140e37..8f5888db33 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -1155,7 +1155,7 @@ NAME: proxy_protocol_access
 TYPE: acl_access
 LOC: Config.accessList.proxyProtocol
 DEFAULT: none
-DEFAULT_DOC: all TCP connections will be denied
+DEFAULT_DOC: all TCP connections to ports with require-proxy-header will be denied
 DOC_START
 	Determine which client proxies can be trusted to provide correct
 	information regarding real client IP address using PROXY protocol.
@@ -1180,7 +1180,7 @@ DOC_START
 
 	SECURITY CONSIDERATIONS:
 
-		Any host for which we accept client IP details can place
+		Any host from which we accept client IP details can place
 		incorrect information in the relevant header, and Squid
 		will use the incorrect information as if it were the
 		source address of the request.  This may enable remote
@@ -1236,7 +1236,7 @@ DOC_START
 
 	SECURITY CONSIDERATIONS:
 
-		Any host for which we accept client IP details can place
+		Any host from which we accept client IP details can place
 		incorrect information in the relevant header, and Squid
 		will use the incorrect information as if it were the
 		source address of the request.  This may enable remote