On 02.04.09 03:00, Merdouille wrote:
> i use a transparent squid proxy and i want :
> - access as manager with squidclient from localhost only
> - allow only computer from localhost to go every where
>
> My ACLs :
> #============== ACL
> # nom type
> acl all src all
> acl port port 82
> acl localnet src 192.168.100.0/192.168.100.255
> acl manager proto cache_object
> acl PROTO proto http
> acl METHOD method GET
> acl localhost src 127.0.0.1
>
> I try :
>
> http_access allow localhost manager
> http_access allow localnet port !manager
> http_access deny all !port !PROTO !METHOD
Why did you define "port" "PROTO" and "METHOD" acl's?
Did you read default config file? You are making things complicated,
http_access allow manager localhost
http_access deny manager
http_access allow localhost
http_access deny all
Btw, "allow only computer from localhost to go every where", don't you
really mean "allow access only from localnet"? If so, replace localhost by
localnet in the latter http_access. But change localnet, as the netmask
isn't valid.
-- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Enter any 12-digit prime number to continue.Received on Tue Apr 07 2009 - 09:58:02 MDT
This archive was generated by hypermail 2.2.0 : Tue Apr 07 2009 - 12:00:02 MDT