acl problem

From: Leigh R HUME <>
Date: Tue, 4 Jun 1996 18:45:09 -0500

I've had a problem with acl's doing the wrong thing. If someone else has seen
the problem and better has a solution, I'd be most pleased to hear of it.

Scenario : SGI IRIX 5.3 , Squid 1.0 beta 11 compiled with gcc

Squid cache/accelorator on port 80
Real Web server port 8080 ,

same box 137.1111.128.157/ running both

acl ourstuff domain
acl us

http_access deny !us !ourstuff

I've been getting reports from outsiders saying I can access the server.
In the logs:

.... GET OK


I ask a friend on the outside to try connecting using both forms , name and IP
address. When I check the logs for his connections I see either way as

.... GET OK

It would seem squid does a pattern match and is somehow sometimes incorrectly
fed an IP address rather than a name, and the IP address doesn't end
Could it be a dns problem? Unlikely as the name servers are topologically

Leigh HUME  (wearing a private hat unless otherwise stated)
Phone: +61 2  850 7399   (messages)   |    Email:
       +61 41 924 3866   (mobile)     | 
Fax:   +61 2  850 7590                | 
Post: Dr Leigh HUME, Library, Macquarie University 2109, AUSTRALIA
Received on Tue Jun 04 1996 - 01:45:56 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:32:28 MST