Re: [squid-users] dstdomain/port acl question

From: Henrik Nordstrom <[email protected]>
Date: Sat, 03 Feb 2007 22:15:32 +0100

fre 2007-02-02 klockan 11:27 -0500 skrev Chris Nighswonger:

> http_access allow manager localhost
> http_access allow manager masada1
> http_access deny manager
> http_access deny CONNECT !SSL_ports
> http_access allow localhost UnauthAccess
> http_access allow localhost WindowsUpdate
> http_access allow localhost Java
> http_access allow cnighswonger-lt
> http_access allow localhost PURGE
> http_access allow localhost AuthorizedUsers
> # Deny connections from inside to the outside webradio stream and
> redirect them to the inside stream
> # The first two entries handle direct stream requests. The last two
> handle file list requests.
> http_access deny streamserver streamport
> deny_info http://192.168.0.238:8000/mountpt streamserver streamport
> http_access deny streamlink
> deny_info http://192.168.0.238:8000/list.m3u streamlink
> #
> http_access deny !Safe_ports
> http_access deny all

This looks a bit odd.. you can not deny what has already been allowed..

http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-926288cb0cbbdea92bc4a807f06dd75ddbc446ff

Regards
Henrik

Received on Sat Feb 03 2007 - 14:15:37 MST

This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST