zha guiting wrote:
>
> Dear Sirs,
>
> I have installed the squid on our linux system, I add access control list as below into squid.conf.
> ..
> acl dstf1 dstdomain cn edu
> acl dstip dst 0.0.0.0/0.0.0.0
> acl our src 202.195.240.0/255.255.255.0
> acl net src 202.195.242.0/
> acl all src 0.0.0.0/0.0.0.0
> ..
> http_access allow dstf1
> http_access deny dstip
> http_access allow our net
Change the above line to:
http_access allow our
http_access allow net
And put some sort of a netmask on your 'net' acl:
acl net src 202.195.242.0/255.255.255.0
ACL's listed on an http_access line are and'ed together...so your line
'http_access allow our net' only allows a client access if they are in
'our' AND in 'net'...which they can't be. This is in the FAQ, I might
add.
D
Received on Thu Nov 25 1999 - 16:48:20 MST
This archive was generated by hypermail pre-2.1.9 : Wed Apr 09 2008 - 11:57:32 MDT