ok, got all the stuff running and blocking napster, thansk guys....larry
Craig Fels wrote:
>
> > ok here I go again. I have this:
> >
> > acl discflo src 192.168.0.0/255.255.255.0
> > acl denied src 192.168.0.55/255.255.255.0
> > acl all src 0.0.0.0/0.0.0.0
> >
> > http_access allow discflo
> > http_access deny denied
> > http_access deny all
> >
> > no one gets denied, the one I want to deny is 192.168.0.55, as you can
> > se in the ACL.
>
> Okay, no one gets denied here because everything in the 192.168.0.x subnet
> matches the acl discflo. None of the sources, included 192.168.0.55 makes
> it to the http_access deny line.
>
> Try reversing it... like this:
>
> http_access deny denied
> http_access allow discflo
> http_access deny all
>
> > conversely I have tried this too:
> > with the same ACL's from above I tried:
> >
> > http_acces deny discflo
> > http_access allow denied
> > http_access deny all
> >
> > and noone gets access....I thought that the rules matched, it looks like
> > they do but I guess not. once again I am confused, thanks
>
> no one gets access because EVERYTHING in 192.168.0.x matches the first
> http_access line. Therefore, everyone on this subnet gets denied.
>
> Hope I've helped!
>
> Craig
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Tue Dec 19 2000 - 12:59:49 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:02 MST