Dean Grubb writes:
>Hi,
>
>I am having a problem with ACL's. The problem is that once I've applied
>
>a src acl to a range of IP addresses I can't access any local servers by
>
>specifying their IP address in the URL, but using their DNS name I can.
>I've played around with various config options but can't get it to work.
>
>What I want is to deny a range of IP but allow these IPs to access local
>
>servers, using both DNS names ans IPs.
>
>Summary
>----------
>Squid version 1.1.21 running on FreeBSD
>
>acl 1022 src 147.109.203.144-147.109.203.157/255.255.255.255
>http_access deny 1022
>http_access allow all
You have to list the most specific ACLs first:
acl LOCAL dstdomain tafe.tas.edu.au
acl LOCAL2 dst 147.109.203.17
acl 1022 src 147.109.203.144-147.109.203.157
http_access allow LOCAL
http_access allow LOCAL2
http_access deny 1022
http_access allow all
>
>http://students.tafe.tas.edu.au or http://students works ok
>http://147.109.203.17 does not.
I don't see why the second form doesn't work. The 'src' ACL
type matches the client's IP address, not the name/address
given in the URL.
Duane W.
Received on Wed Jun 10 1998 - 12:43:26 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:41 MST