Re: [squid-users] Acl access from Henrik Nordstrom on 2001-03-15 (squid-users)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 15 Mar 2001 23:28:24 +0100

You are correct. I am only too tired to notice

There should be no netmask specification (or a full host mask /32) on
the access* specifications.

/Henrik

Robert Collins wrote:
>
> I may be confused but I thought squid evaluates
> acl foo src 10.0.0.1-10.0.0.16/8
>
> as 10.0.0.1/8-10.0.0.16/8 in which the ip address are masked leaving
> 10.0.0.0/8.
>
> so access[0|1|2|3] are equivalent.
>
> Rob
>
>
> > -----Original Message-----
> > From: Henrik Nordstrom [mailto:hno@hem.passagen.se]
> > Sent: Thursday, March 15, 2001 8:15 AM
> > To: Ilker Gokhan
> > Cc: 'b.franco@arpaindustriale.com'; 'squid-users@ircache.net'
> > Subject: Re: [squid-users] Acl access
> >
> >
> > Ilker Gokhan wrote:
> > >
> > > you couldnt tell something about access0, I assume It have the same
> > > right like access3.
> > >
> > > Try:
> > > acl access0 src 10.0.0.1-10.0.0.16/8
> > > acl access1 src 10.0.0.17-10.0.0.32/8
> > > acl access2 src 10.0.0.33-10.0.0.64/8
> > > acl access3 src 10.0.0.65-10.0.0.128/8
> > >
> > > acl aaa url_regex -i aaa
> > > acl bbb url_regex -i bbb
> > >
> > > http_access allow access1 aaa
> > > http_access deny access1
> > > http_access allow access2 bbb
> > > http_access deny bbb
> > > http_access allow access3 access0
> >
> > Almost right.. except that a user cannot be access3 AND access0 at the
> > same time, and there was no description of rights for access0 in the
> > question...
> >
> > http_access allow access3
> > and maybe, if access0 also should be given full access
> > http_access allow access0
> >
> > > http_access deny all
> > >
> > > Greetings from Istanbul
> > > Ilker G.
> > >
> > > > -----Özgün Ýleti-----
> > > > Kimden: Franco Battista [mailto:b.franco@arpaindustriale.com]
> > > > Tarih: Wednesday, March 14, 2001 4:10 PM
> > > > Kime: 'squid-users@ircache.net'
> > > > Konu: [squid-users] Acl access
> > > >
> > > >
> > > > i want use acl for this:
> > > >
> > > > 4 users group : access0,access1,access2,access3
> > > > PC with ip address in access1 can access in url with word "aaa"
> > > > PC with ip address in access2 can access in url with word "bbb"
> > > > PC with ip address in access3 can access in every url
> > > >
> > > > help me please
> > > >
> > > >
> > >
> > > Bu e-postada bulunan tüm fikir ve görüþler ve ekindeki
> > dosyalar sadece
> > > adres sahib(ler)ine ait olup, Sümerbank A.Þ hiç bir þekilde sorumlu
> > > tutulamaz.
> > >
> > > The information contained in this E-Mail and any files transmitted
> > > with it are intended solely for the use of the individual
> > or entity to
> > > whom they are addressed and do not reflect those of Sumerbank A.S.
> >
> >
Received on Thu Mar 15 2001 - 15:59:54 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:39 MST