Re[2]: problem: acl based on srcIP dstIP

From: Csaba Koller <[email protected]>
Date: Fri, 24 Mar 2000 21:22:20 +0100

wessels@ircache.net Wrote (Friday, March 24, 2000), Subj.: problem: acl based on srcIP dstIP:

DW> On Fri, 24 Mar 2000 cabcab@cd.hu wrote:
 
>> acl all src 0.0.0.0/0.0.0.0
>> acl mostuser src 192.168.0.0/255.255.255.0
>>
>> acl thesubnet dst 195.195.195.0/255.255.255.0
>>
>> http_access deny !thesubnet
>> http_access allow mostuser
>> http_access deny all
>>
>> But... there is one IP, who can see anything:
>>
>> acl theone src 192.168.0.1/255.255.255.255
>>
>> But no idea how to allow it.

DW> http_access allow theone
DW> http_access deny !thesubnet
DW> http_access allow mostuser
DW> http_access deny all

The order is the key?
Received on Fri Mar 24 2000 - 13:24:49 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:23 MST