Re: [squid-users] acl deny versus acl allow?

My apologies...I misinterpreted what you said. I thought you meant "deny" should not be used at all....

----- Original Message -----
From: Amos Jeffries
Date: Monday, November 17, 2008 9:33 pm
Subject: Re: [squid-users] acl deny versus acl allow?
To: Jeff Gerard
Cc: squid-users_at_squid-cache.org

> Jeff Gerard wrote:<BR>> > Can you clarify this? I have looked through the FAQ and there
> is plenty of reference to using "deny" and I can't see any
> mention of replacing "deny" with "allow".
> >
>
> You can write either:
> http_access deny something
> or
> http_access allow something
>
> not both on the same line.
>
> To quote straight from that FAQ page:
> "
> Q: How do I allow my clients to use the cache?
> A: Define an ACL that corresponds to your client's IP addresses.
> Next, allow those clients in the
> http_access list.
>
> For example:
> acl myclients src 172.16.5.0/24
> http_access allow myclients
> "
>
> and more relevant to your stated example:
>
> "
> Q: How do I implement an ACL ban list?
> A: ..., Another way is to deny access to specific servers which
> are
> known to hold recipes.
>
> For example:
> acl Cooking2 dstdomain www.gourmet-chef.com
> http_access deny Cooking2
> http_access allow all
> "
>
> Amos
>
> > Thanks
> >
> >> The word 'deny' is fully replaced with the word
> 'allow'.
>
> >> Please read and understand the FAQ on ACL before continuing
> with
> >> your
> >> testing:
> >> http://wiki.squid-cache.org/SquidFaq/SquidAcl
> >>
> >> Amos
> >> --
> >> Please be using
> >> Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
> >> Current Beta Squid 3.1.0.2
> >>
> >
> > ---
> > Jeff Gerard
>
>
> --
> Please be using
> Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
> Current Beta Squid 3.1.0.2
>

---
Jeff Gerard
Received on Tue Nov 18 2008 - 07:30:38 MST