Re: ACL Problem

From: Duane Wessels <>
Date: Wed, 10 Jun 1998 13:42:33 -0600

Dean Grubb writes:

>I am having a problem with ACL's. The problem is that once I've applied
>a src acl to a range of IP addresses I can't access any local servers by
>specifying their IP address in the URL, but using their DNS name I can.
>I've played around with various config options but can't get it to work.
>What I want is to deny a range of IP but allow these IPs to access local
>servers, using both DNS names ans IPs.
>Squid version 1.1.21 running on FreeBSD
>acl 1022 src
>http_access deny 1022
>http_access allow all

You have to list the most specific ACLs first:

acl LOCAL dstdomain
acl LOCAL2 dst
acl 1022 src

http_access allow LOCAL
http_access allow LOCAL2
http_access deny 1022
http_access allow all

> or http://students works ok
> does not.

I don't see why the second form doesn't work. The 'src' ACL
type matches the client's IP address, not the name/address
given in the URL.

Duane W.
Received on Wed Jun 10 1998 - 12:43:26 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:41 MST