Re[2]: [SQU] acl mistaking

Hello Henrik,

yes I have had restarted and reconfigured my Squid after making the change to squid.conf.

Aliens still can use it.
here are some lines from access.log:

972217907.313 351 195.161.101.116 TCP_MISS/200 1767 GET http://u521.98.spylog.com/cnt? - DIRECT/u521.98.spylog.com image/gif
972217908.001 311 195.161.101.116 TCP_MISS/302 404 GET http://btn2.linkexchange.ru/cgi-bin/rle.cgi? - DIRECT/btn2.linkexchange.ru text/html
972217908.133 253 195.161.101.116 TCP_MISS/302 404 GET http://btn2.linkexchange.ru/cgi-bin/rle.cgi? - DIRECT/btn2.linkexchange.ru text/html
972217908.519 248 195.161.101.116 TCP_MISS/302 404 GET http://10e2.linkexchange.ru/cgi-bin/rle.cgi? - DIRECT/10e2.linkexchange.ru text/html
972217909.195 233 195.161.101.116 TCP_MISS/302 404 GET http://10e2.linkexchange.ru/cgi-bin/rle.cgi? - DIRECT/10e2.linkexchange.ru text/html
972217909.519 55 195.161.101.116 TCP_HIT/200 6194 GET http://rle-mirror.agtel.net/users/012244/012244-9.gif - NONE/- image/gif
972217909.723 652 195.161.101.116 TCP_MISS/200 7405 GET http://ad.120.tbn.ru/bb.cgi? - DIRECT/ad.120.tbn.ru image/gif
972217910.129 932 195.161.101.116 TCP_MISS/200 9193 GET http://ad.120.tbn.ru/bb.cgi? - DIRECT/ad.120.tbn.ru image/gif
972217910.526 82 195.161.101.116 TCP_HIT/200 3005 GET http://rle-mirror.agtel.net/users/026562/026562-1.gif - NONE/- image/gif

As u see IP 195.161.101.116 is not in ACLs and it can use my SQUID.
So what's the point?

Sunday, October 22, 2000, 4:55:36 PM, you wrote:

HN> Everything looks correct.

HN> a) Have your restarted/reconfigured Squid after making the change to
HN> squid.conf?

HN> b) Are you sure the alien IP's are still allowed access? What is said in
HN> access.log?

HN> --
HN> Henrik Nordstrom
HN> Squid hacker

HN> Priamikov Alexei wrote:
>>
>> Hello squid-users,
>> I'm happy with my squid 2.3STABLE4. But I have a problem with a access control lists.
>> I have 2 sub nets. one (193.233.108.80/255.255.255.240) are the real IP adresses and the other ones are internal (10.10.10.0/255.255.255.0)
>> and I want to close access to my squid for the "alien" IP. Is it correct to do the following conf:
>>
>>
>> acl all src 0.0.0.0/0.0.0.0
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1/255.255.255.255
>>
>> acl econnet1 src 193.233.108.80/255.255.255.240
>> acl econnet2 src 10.10.10.0/255.255.255.0
>>
>> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
>> #
>> http_access allow econnet1
>> http_access allow econnet2
>> http_access deny all
>>
>> so my ACL works not right. all IP adresses have access to http_access. :(
>>
>> I'd be pleased to any help. so what's the point?
>>
>> PS: Sorry for bad English.
>>
>>
>> --
>> Best regards,
>> Priamikov Alex mailto:apriam@info.novsu.ac.ru
>>
>> --
>> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

HN> --
HN> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

-- 
Best regards,
 Priamikov                            mailto:apriam@info.novsu.ac.ru
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html