Do I have to define "all" acl? Is that it?
Vitezslav T. Se'm
> Hi.
>
> I'm using 2.2.STABLE4 on one of our caches. I've got some
> problem with acl's.
>
> acl LocalNets src 127.0.0.1
> acl LocalNets src 212.24.128.0-212.24.159.0/255.255.255.0
> acl LocalNets src 213.151.64.0-213.151.95.0/255.255.255.0
>
> acl LocalDst dst 212.24.128.0-212.24.159.0/255.255.255.0
> acl LocalDst dst 213.151.64.0-213.151.95.0/255.255.255.0
>
> http_access allow LocalNets
> http_access allow LocalDst
> http_access deny all
>
> icp_access allow LocalNets
> icp_access allow FriendlyCaches
> icp_access deny all
>
> miss_access allow LocalNets
> miss_access allow LocalDst
> miss_access deny all
>
> I thought that if it is configured like this, only host with IP's in
> src&dst list are allowed and other got TCP_DENIED. But I've got this in
> my access.log:
>
> 1000913760.416 10 212.24.3.145 TCP_MISS/404 626 GET http://..etc
>
> How is it possible? Did I missed something?
>
> Thanks
>
> Vitezslav T. Se'm
-- Pamatujte, ze amateri postavili Noemovu Archu a profesionalove Titanic.Received on Wed Sep 19 2001 - 03:39:49 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:17 MST