Re: [squid-users] problem with acl, doesn't seem to work...

From: Bgs himself <[email protected]>
Date: Sat, 15 Dec 2001 14:04:25 +0100 (MET)

On 14 Dec 2001, Fernando Medina wrote:

 Hi !

> http_access allow manager localhost
> http_access allow el_salvador
> http_access allow Safe_ports
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> http_access deny manager
> #http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> #
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
> #
> http_access deny all

Non authorized IP-s pass through your el_salvador line but they match the
Safe_ports line so they get out if they connect to any Safe_port (that is
probably everybody :) ).

ACL are processed sequentially. You sould deny !Safe_ports then allow
el_salvador and finally deny all.

Bye
Bgs
Received on Sat Dec 15 2001 - 06:06:11 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:21 MST