Re: problem: acl based on srcIP dstIP

From: Duane Wessels <[email protected]>
Date: Fri, 24 Mar 2000 13:16:31 -0700

On Fri, 24 Mar 2000 cabcab@cd.hu wrote:
 
> acl all src 0.0.0.0/0.0.0.0
> acl mostuser src 192.168.0.0/255.255.255.0
>
> acl thesubnet dst 195.195.195.0/255.255.255.0
>
> http_access deny !thesubnet
> http_access allow mostuser
> http_access deny all
>
> But... there is one IP, who can see anything:
>
> acl theone src 192.168.0.1/255.255.255.255
>
> But no idea how to allow it.

http_access allow theone
http_access deny !thesubnet
http_access allow mostuser
http_access deny all
Received on Fri Mar 24 2000 - 13:19:25 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:23 MST