Lars Holmstrvm wrote:
> I have also searched the monthly posting of squid-users mail. In a mail
> from 6-sep Henrik Nordstrom wrote "By security reasons the default
> RedHat squid.conf only allows localhost access to Squid. " so I added an
> acl "acl flynet src 172.24.0.0/255.255.0.0" and "http_access deny
> !flynet"
Your configuration reads
http_access deny !flynet
http_access allow localhost
Squid also insert a implicit final catch-all rule which is the inverse
of the last defined rule:
http_access deny all
Since there is no rule that matches flynet (only !flynet) the flynet
users will go all thru the access list and then be denied by the final
implicit deny rule.
If you change the flynet rule to read
http_access allow flynet
then thinks should look a lot better.
-- Henrik Nordstrom Squid hackerReceived on Fri Jan 07 2000 - 17:51:09 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:17 MST