Re: cache manager access

From: Duane Wessels <wessels>
Date: Wed, 14 Aug 96 16:03:33 -0700 writes:

>I'm having trouble understanding the format of acl commands. The default
>configuration file, with "http_access deny manager !localhost" made the
>manager inaccessible from anywhere, so I defined a new aclname thus:
>acl ns srcdomain
>http_access deny manager !ns
>I thought that this would make the manager accessible to clients from the
>two domains specified, but it actually made it accessible from every
>domain I have been able to test. I also tried
>acl ns srcdomain (no leading dots)
>but I can still access the manager functions from outside these domains.
>I don't understand the format of the http_access statement, as "manager"
>seems to take the role of an object, while "!ns" takes the role of a
>specifier. No such roles are given in the format description.
>I have enabled fqdn_log as per the Release Notes.
>So how should I accomplish what I am trying to do? Thanks.

Turn on debugging for the ACL functions

    debug_options 28,9

Then access the cachemgr from where you expect it to fail. Then look
at the cache.log output and try to decide if its a configuration error
or a bug. If you think its a bug, send me the output.

Duane W.
Received on Wed Aug 14 1996 - 16:03:34 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:32:48 MST