Re: Squid firewall

From: Miguel Angel <nicros@dont-contact.us>
Date: Fri, 25 Apr 1997 16:20:08 +0200

At 14:05 25/04/97 +0200, you wrote:
>In message <1.5.4.32.19970425113951.0075e604@correo.interlink.es> you write:
>> At 12:59 25/04/97 +0200, you wrote:
>> >In message <1.5.4.32.19970425105734.0075da64@correo.interlink.es> you write:
>> >> Ok,that`s make like this:
>> >>
>> >> acl myserver src aaa.bbb.ccc.1-aaa.bbb.ccc.255/255.255.255.0
>> >
>> >simpler just as "aaa.bbb.ccc.0/255.255.255.0"
>> >
>> >> and works,but i want to permit access to my proxy to a unique ip,and i add
>> >> this camp:
>> >>
>> >> acl user src 150.244.33.5/255.255.0.0
>> >>
>> >> he can access to my proxy,but in other computer near him ,with a ip like
>> >> 150.244.33.XXX he also can access,what`s the problem???
>> >
>> >You've specified a netmask of 255.255.0.0 when you meant 255.255.255.255
>>
>> ? i don`t understand,his netmask is 255.255.0.0,i have to put
>> 255.255.255.255,if his netmask is 255.255.0.0??
>
>This is not the same as the netmask used for routing purposes. Maybe the
>terminology used is confusing but what you are specifying is which bits of
>the address are to be checked against the source ip address. If you specify
>a mask of 255.255.0.0 then all addresses in the range 150.244.0.0 through to
>150.244.255.255 are permitted. The mask 255.255.255.255 causes a match of
>exactly one host address.

Ok,i understand it,and i probe and finally works ;))
Thank all for your answers :)

Saludos,

Miguel Angel

___________________________________________________
Miguel Angel Remesal Marcos

INTERNET LINK S.L. nicros@correo.interlink.es
                             http://www.interlink.es
                                         TEL: 3501118
                                        FAX: 3501181
____________________________________________________
Received on Fri Apr 25 1997 - 07:28:47 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:02 MST