> Is there a way to use squid to block access to our site from specific IP
> addresses?? So that they get redirected elsewhere or something like that?
> We use a python redirector to handle virtual hosting and then squid
> decides which of two zope clients gets the request. Just not sure where
> to put something like this.
Blocking is easy.
Just add an ACL which lists the IPs and an "http_access deny theACLname".
It goes above the http_access lines for allowing access to the peer domains.
On the side, you would do much better to change the python redirector to a
external_acl_type helper for access to each peer and make the zope servers
accept the public URL people are requesting. Particularly since you only
have two back-end peers it should be easy.
It solves so many bugs that redirection by its nature causes. External ACL
also adds concurrency support and has a small cache associated, to reduce
helper load.
Amos
Received on Wed Sep 24 2008 - 03:54:52 MDT
This archive was generated by hypermail 2.2.0 : Wed Sep 24 2008 - 12:00:03 MDT