Re: [squid-users] acl [NO] bug (when peers configured) from Henrik Nordstrom on 2007-08-31 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Sat, 01 Sep 2007 00:39:33 +0200

On fre, 2007-08-31 at 19:16 -0300, Michel Santos wrote:

> well, I guess in 2.6 is something wrong at this special point, unless some
> secret work fixed it (I have not checked > 14S), if you remember this is
> not working with any 2.6 when coming from a local address, but with 2.5 it
> is
>
> shortcut:
>
> #on 127.0.0.2
> acl peer src 127.0.0.1
>
> gets 'access denied' for all requests from 127.0.0.1
>
> #on 127.0.0.2
> acl peer src 127.0.0.1/32
>
> and 127.0.0.1 goes through ...

Then I guess you must have changed something else as well. 127.0.0.1
127.0.0.1/32 and 127.0.0.1/255.255.255.255 is all equivalent and matches
the exact ip 127.0.0.1, and has always been..

The magic autodetection of the mask size in earlier releases only kick
in if the ip ends in .0, but was inconsistent and therefore removed...

There has not been any changes in this part of the code since 31 July
2006 when the mask size detection was removed..

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Fri Aug 31 2007 - 16:39:39 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:04 MDT