> I think i went for wrong option of manager acl.. forgot the manager acl for this requirement.
> I have tested for this requirement.
>
> Check this setting:
>
> acl test src client-ip-address/32
>
> Before http_access allow all give as
> http_access deny test
>
> Test:
>
> Comment as
> #http_access deny test
> http_access allow all
>
> Browse any url's
>
> Test with
> http_access deny test
> http_access allow all
>
> squid -k reconfigure
> Now you will get denial message!! So you denied that access to that ACL
>
> So the need for the close_connections TAG is not needed at this point.
>
> > Will it close connections for bad_ip during reconfigure? Because even "http_access deny bad_ip" - do not close connections for
> bad_ip!
>
> For other acl's we have to block the GET method too..
>
> acl ban1 dstdom_regex .google.com
> acl get method GET
> #http_access deny get ban1
> http_access allow all
>
> We can remove the access by
> acl ban1 dstdom_regex .google.com
> acl get method GET
> http_access deny get ban1
> http_access allow all
> squid -k reconfigure
>
> I hope your requirement is fully related to the acl setting ,methods and http_access setting at all.
:)
I think i should explain situation on example.
i have some user (1st step):
acl usver src 1.2.3.4
http_access allow usver
This "usver" can browse internet, than he installs ICQ over http via squid.
i do this (2nd step):
acl usver src 1.2.3.4 # no changes
# http_access allow usver - comment this
http_access deny usver
After 2nd step "usver" can't browse internet anymore, BUT ICQ still works!!! And I can close ICQ connection for "usver" only by "squid -k shutdown" (restarting squid). "squid -k reconfigure" keeps ICQ connection alive for him!
But shutting down squid close connections (ICQ, downloading) for ALL users.
I need to close connections selectively - ONLY for some group of users (ACL).
How?
Received on Thu Apr 01 2004 - 03:19:09 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 29 2004 - 12:00:03 MDT