aamin@isb.pol.com.pk wrote:
>
> It is better to reverse the order
> first use deny and then use allow.
It depends a bit on what you want to do. In this particular case neither
order is correct as it should be turned on the side.
Remember what I have said to many times already: ACL processing is done
top->down and the first access line that fully matches the request says
if it is allow or deny.
On each access line the ACL lists are parsed left->right and careful
ordering and of ACL names in a access line can have great importance on
ACL processing performance, especially if huge regexp lists is involved.
Determining the optimal order is not always obvious.
--- Henrik Nordstrom Spare time Squid hackerReceived on Thu Jan 14 1999 - 22:35:35 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:03 MST