Re: [squid-users] ACL on different OS

From: Ammad Shah <[email protected]>
Date: Fri, 11 Jan 2008 15:55:00 +0500 (PKT)

Yup i already configured rDNS, and also it is defined in squid.conf and
/etc/resolv.conf.

if it doesn't reslove the name, it displays a warning while starting or
when i reconfigure it

fbsd# squid -k reconfigure
2008/01/11 15:51:02| aclParseIpData: Bad host/IP: 'farrukh.ammad.local'

> Ammad Shah wrote:
>> I am using FC7 in production, due to some load balancing, i installed
>> BSD
>> 6.2. since each and every thing was working properly, i just copied
>> squid
>> acl from /etc/squid.conf of FC7 to BSD squid. *(not whole file)
>>
>> but ACL are not working.
>>
>> acl appmime urlpath_regex -i \.dgm$ \.cab$ \.msi$ \.mp2$ \.mpg$
>> acl allowed src ammad.nethome.local
>>
>>
>> http_access allow allowed all
>> http_access allow allowed appmime
>
> This second permission will have no effect as the first line matches
> 'allowed' and lets them do anything.
>
>> http_access deny appmime
>>
>> these acl allow my computer named "ammad.nethome.local" to download
>> these
>> files. but deny every other host to get these type of files.
>>
>> when i coped these to Free BSD, it results to faile "Access denied web
>> page"
>
> Are you sure the rDNS for ammad.nethome.local works and is the machine
> you are testing from?
> Squid will do an rDNS lookup at the time it was started/reconfigured and
> use that permanently as the src check.
>
>>
>> Is it not supported on Free-BSD?
>
>> thanks
>
> Amos
> --
> Please use Squid 2.6STABLE17 or 3.0STABLE1.
> There are serious security advisories out on all earlier releases.
>
Received on Fri Jan 11 2008 - 03:56:50 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:04 MST