Re: ACLs again... -possible?

From: Matthew <matthew@dont-contact.us>
Date: Thu, 11 May 2000 18:05:53 +0100 (BST)

On Thu, 11 May 2000, Csaba Koller wrote:

>
> Hi dear wisemen,
>
> I have an ACL problem again.
>
> The situation:
>
> there are three ACL SRC groups: thegod, angel, human
>
> there are two ACL DST groups: heaven, earth
>
> thegod can http_access the heaven and the earth
> angel can http_access only the heaven
> human can http_access only the earth
>
> How should i tell that in the squid.conf? :)
>
> I have the folloving:
>
> acl all src 0.0.0.0/0.0.0.0
>
> acl god src 192.168.0.1/255.255.255.255
> acl angel src 192.168.0.2/255.255.255.255
> acl human src 192.168.0.0/255.255.255.0
>
> (acl heaven dst 0.0.0.0/0.0.0.0)
> acl earth dst 192.168.1.0/255.255.255.0
>
> http_access allow thegod

don't you mean "http_access allow god"

> http_access deny !earth
> http_access allow human
> http_access deny all

i think this might be better

http_access allow god
http_access allow human earth
http_access allow angel heaven
http_access deny all

> But now angel can see the earth beacuse he is in
> the human subnet.
>
> Pls, help the angel to reach the heaven and to forget
> the earth! :)
>
> Thanks,
> Csaba
>
>
>
Received on Thu May 11 2000 - 11:09:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:28 MST