Re: how to combine this specific acl ?

From: Henrik Nordstrom <>
Date: Fri, 15 Jan 1999 06:46:13 +0100 wrote:
> It is better to reverse the order
> first use deny and then use allow.

It depends a bit on what you want to do. In this particular case neither
order is correct as it should be turned on the side.

Remember what I have said to many times already: ACL processing is done
top->down and the first access line that fully matches the request says
if it is allow or deny.

On each access line the ACL lists are parsed left->right and careful
ordering and of ACL names in a access line can have great importance on
ACL processing performance, especially if huge regexp lists is involved.

Determining the optimal order is not always obvious.

Henrik Nordstrom
Spare time Squid hacker
Received on Thu Jan 14 1999 - 22:35:35 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:03 MST