Access lists

From: Diego Sierra <>
Date: Tue, 21 Jan 1997 14:55:19 +0000


A question about access lists ordering: are they tested in order?, this
is, if there is a line that allows an access but a later one deny it,
what happens?, is it allowed ot denied?

In this example:

acl one src ...
acl two src ...
acl three src ...

http_access allow one
http_access allow two
http_access deny all
http_access allow three

A computer that matchs acl "one" has de access granted ???
Is necessary the last "deny all" line ???
Should the last line read "http_access deny !one !two" ???
What happens to a computer that matchs acl "three" ???

Thanks you in advance.

Received on Tue Jan 21 1997 - 07:03:27 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:08 MST