[squid-users] acl rules

From: Andrei B. <andrixnet@dont-contact.us>
Date: Thu, 12 Apr 2001 23:08:55 -0700 (PDT)

Please, if someone could clarify this:

I've seen examples in squid.conf of acl elements like this:

acl some_addr src addr1 addr2 addr3
http_access acl1 acl2 acl3

yet when I tried to write my own rules like this, it won't work:
--------------
acl localip src 10.1.1.0/24 10.2.1.10
http_access allow localip
--------------
or:
--------------
acl localip src 10.1.1.0/24
acl special src 10.2.1.10
http_access allow localip special
--------------
anyone in 10.1.1.0/24 has access, but 10.2.1.10 is denied access in
both cases.
It will only work if I make separate lines for each acl and
http_access.

squid.conf section which inspired me:
----------------------------
#Defaults:
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#Default configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
----------------------------

=====
ing. Andrei Boros
Centrul pt. Tehnologia Informatiei
Societatea Romana de Radiodifuziune

__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
Received on Fri Apr 13 2001 - 00:08:56 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:17 MST