Re: [squid-users] ACL on different OS

From: Amos Jeffries <squid3@dont-contact.us>
Date: Fri, 11 Jan 2008 15:56:37 +1300

Ammad Shah wrote:
> I am using FC7 in production, due to some load balancing, i installed BSD
> 6.2. since each and every thing was working properly, i just copied squid
> acl from /etc/squid.conf of FC7 to BSD squid. *(not whole file)
>
> but ACL are not working.
>
> acl appmime urlpath_regex -i \.dgm$ \.cab$ \.msi$ \.mp2$ \.mpg$
> acl allowed src ammad.nethome.local
>
>
> http_access allow allowed all
> http_access allow allowed appmime

This second permission will have no effect as the first line matches
'allowed' and lets them do anything.

> http_access deny appmime
>
> these acl allow my computer named "ammad.nethome.local" to download these
> files. but deny every other host to get these type of files.
>
> when i coped these to Free BSD, it results to faile "Access denied web page"

Are you sure the rDNS for ammad.nethome.local works and is the machine
you are testing from?
Squid will do an rDNS lookup at the time it was started/reconfigured and
use that permanently as the src check.

>
> Is it not supported on Free-BSD?

> thanks

Amos

-- 
Please use Squid 2.6STABLE17 or 3.0STABLE1.
There are serious security advisories out on all earlier releases.
Received on Thu Jan 10 2008 - 19:56:18 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:04 MST