ons 2007-03-07 klockan 11:58 -0500 skrev Dave:
> Hello,
> I've updated from squid 2.5 to 2.6 on a FreeBSD box using ports. I'm
> using squid as a transparent proxy and this is working fine. My problem is
> my spam, spyware and pornography rejections are no longer working and i
> copied those files and config lines directly from a previously working 2.5
> setup. Here are the relevant lines of my squid.conf file:
>
> acl our_networks src xxx.xxx.xxx.xxx/24
> acl chat dstdomain "/usr/local/etc/squid/chat.txt"
> acl porn url_regex "/usr/local/etc/squid/porn"
> acl spyware dstdomain "/usr/local/etc/squid/spyware.acl"
> http_access allow our_networks
> http_access deny chat porn spyware
>
> Since in my previous config i had this line:
>
> http_access allow our_networks !chat !porn !spyware
>
> I added ! to those acls on the httpd_access deny line above and that did not
> work either. My files have lines similar to this:
The two is very different.
The first means
allow from our_networks
else deny if it is both chap, porn and spyware at the same time
else your next http_access rule (or allow).
The second (what you had in 2.5) says
allow from our_neworks if it is not chat, not porn and not spyware.
Probably you want something like
http_access deny chat
http_access deny porn
http_access deny spyware
http_access allow our_networks
Or you can use the all-in-one line you used in 2.5. It's also fine.
For more details on http_access see the FAQ chapter on access controls
http://wiki.squid-cache.org/SquidFaq/SquidAcl
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Sat Mar 31 2007 - 13:00:01 MDT