From 51e7ab2b08f82d0766c68d39b7a68e2d3e05d367 Mon Sep 17 00:00:00 2001
From: docker-claude
Date: Thu, 16 Apr 2026 10:07:22 +0200
Subject: [PATCH] fix(proxy): close port-6443 allowlist bypass in squid ACLs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The kubectl_api ACL allowed CONNECT tunnels to any host on port 6443, bypassing the domain allowlist entirely. Remove it and require cluster hostnames to be added explicitly to allowed_sites instead. Also remove the localhost and .local entries — these aren't needed for Claude Code or the configured MCP servers.

Co-Authored-By: Claude Sonnet 4.6
---
 proxy/squid.conf | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/proxy/squid.conf b/proxy/squid.conf
index 0cf94da..4deb96d 100644
--- a/proxy/squid.conf
+++ b/proxy/squid.conf
@@ -24,20 +24,17 @@ acl Safe_ports port 443
 acl Safe_ports port 6443 # Kubernetes API server
 acl CONNECT method CONNECT
-# Kubernetes API server — allow CONNECT tunnels to any cluster endpoint on :6443
-acl kubectl_api port 6443
-
 # ─── Egress allowlist ─────────────────────────────────────────────────────────
 # Add domains here as needed. Leading dot matches all subdomains.
 acl allowed_sites dstdomain api.anthropic.com
 acl allowed_sites dstdomain statsig.anthropic.com
 acl allowed_sites dstdomain platform.claude.com
-acl allowed_sites dstdomain localhost
-acl allowed_sites dstdomain .local
 # MCP servers
 acl allowed_sites dstdomain api.github.com
 acl allowed_sites dstdomain .gitlab.com
 acl allowed_sites dstdomain .atlassian.net
+# Kubernetes API server — add your cluster's hostname here when using --kube
+# acl allowed_sites dstdomain k8s.example.com
 # ─── Access rules ─────────────────────────────────────────────────────────────
 # Block requests to non-standard ports
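Review bot: The added guidance `# Kubernetes API server — add your cluster's hostname here when using --kube` is only sufficient if port 6443 is also a member of the SSL_ports ACL: this hunk keeps `acl Safe_ports port 6443`, but tunnels are gated by `http_access deny CONNECT !SSL_ports` (visible in the next hunk's header), and SSL_ports is defined outside the hunk so I cannot confirm it lists 6443. If it holds only 443, a CONNECT to k8s.example.com:6443 is refused before `allow CONNECT allowed_sites` is ever evaluated and the --kube path stays broken even after the operator follows the comment. Suggest extending it: `# Kubernetes API server — add your cluster's hostname here when using --kube (6443 must also be in SSL_ports, or the CONNECT is refused by the !SSL_ports rule)`. Separately, with kubectl_api gone, 6443 in Safe_ports only serves plain-HTTP requests to allowlisted hosts on that port; consider making that entry conditional on --kube as well.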
@@ -49,9 +46,6 @@ http_access deny CONNECT !SSL_ports
 # Allow HTTPS tunnels only to allowlisted destinations
 http_access allow CONNECT allowed_sites
-# Allow kubectl to reach any Kubernetes API server on the standard port
-http_access allow CONNECT kubectl_api
-
 # Allow plain HTTP only to allowlisted destinations
 http_access allow allowed_sites
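Review bot: `http_access allow CONNECT allowed_sites` can still be matched by an IP-literal CONNECT target via reverse DNS: Squid's dstdomain documentation states that for an IP-based URL with no literal match a reverse lookup is attempted, so a tunnel to `203.0.113.7:443` is admitted if whoever controls that address's reverse zone publishes a PTR of `api.github.com` — the same class of allowlist bypass this commit closes for port 6443, and one a process inside the sandbox can trigger deliberately. Deny IP-literal destinations ahead of the allow rules, e.g. `acl ip_literal dstdom_regex -i ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$` followed by `http_access deny ip_literal` placed above `http_access allow CONNECT allowed_sites` (IPv6 literals need a second pattern; verify the regex against the host form your Squid version passes to dstdom_regex). The closing `http_access deny all` that should follow these allows is outside the hunk, so I could not confirm it is present.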