I reported an ACL problem that started with 2.3S1 and some have offered a
few suggestions but nothing has worked. The problem still exists with
2.3S2. The problem did NOT exist in versions 2.2S5 and older.
I have the following ACLs defined (among others):
acl dst_int dst 208.xxx.xxx.xxx/255.255.255.224
acl ok_always dstdomain "/etc/squid.ok_always"
acl ok_never dstdomain "/etc/squid.ok_never"
acl no_web_access src 10.1.1.224/255.255.255.240
http_access allow dst_int
http_access allow ok_always
http_access deny ok_never
http_access deny no_web_access
The problem is that users in the 10.1.1.224-239 range are denied access even
to destinations that match the "ok_always" ACL. Interestingly the "dst_int"
and "ok_never" ACLs work fine.
I have prepended all domains in the /etc/squid.ok_always file with a dot.
One of the domains listed is ".autodesk.com" however, the user at 10.1.1.224
cannot go to "www.autodesk.com" and gets the error message for the
no_web_access ACL.
Suggestions appreciated!! I have been beating my head with this one for
quite some time.
--- Rod Savard - Delphi Developer Savard Software - Tri-Cities, Washington, USA rodney@savard.com - http://www.savard.comReceived on Wed Mar 08 2000 - 22:28:38 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:51:58 MST