ident_lookup_access controls the background ident lookup performed by Squid,
independently of access controls.
If http_access needs to evaluate a ident type ACL, then Squid will also make
sure an ident lookup has been performed on the connection, regardless of your
ident_lookup_access setting.
What you probably want is the default
ident_lookup_access deny all
and http_access masking the ident ACL check with a src ACL check.
http_access allow ident_aware_hosts ident_users
(to speed up the ident, you may want to ident_lookup_access allow
ident_aware_hosts)
Regards
Henrik Nordström
On Monday 17 December 2001 17.29, Weronicaain@yahoo.com wrote:
> acl ident_aware_hosts src 172.16.1.23/255.255.255.255
> ident_lookup_access allow ident_aware_hosts
> ident_lookup_access deny all
>
> The above rule does not work as expeced( IP 23 can surf and others can't)
>
> Should I set http_acces rules along with ....
-- MARA Systems AB, Giving you basic free Squid support Customized solutions, packaged solutions and priority support available on requestReceived on Mon Dec 17 2001 - 07:24:20 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:22 MST