RE: [squid-users] srcdomain none

ok thank you Amos.
I think that I figured it out.

at the beginning I had this one :

168 acl MyNet src x.x.x.x/y.y.y.y
173 acl BadClients srcdomain none
257 http_access deny BadClients
259 http_access allow MyNet
260 http_access deny all
284 deny_info ERR_CUSTOM_ACCESS_DENIED BadClients

Now I changed the MyNet ACL to :

168 acl BadClients srcdomain none
170 acl MyNet srcdomain .mydomain.xyz
259 http_access deny BadClients
261 http_access allow MyNet
262 http_access deny all
284 deny_info ERR_CUSTOM_ACCESS_DENIED BadClients

and it seems to work fine.

regards,

Jan
________________________________________
From: Amos Jeffries [squid3_at_treenet.co.nz]
Sent: Thursday, January 21, 2010 1:08 AM
To: squid-users_at_squid-cache.org
Subject: Re: [squid-users] srcdomain none

On Wed, 20 Jan 2010 14:25:43 +0100, "Zeller, Jan" <jan.zeller_at_id.unibe.ch>
wrote:
> Dear Squid-list,
>
> i am a bit confused about :
> http://www.squid-cache.org/Versions/v3/3.0/cfgman/acl.html
>
> acl aclname srcdomain .foo.com ... # reverse lookup, from client
IP
> The name "none" is used if the reverse lookup fails.
>
>
> What I want to achieve is to deny access to clients which have no DNS
> entry.
> My ACL actually looks like this :
>
> acl BadClients srcdomain none
> deny_info ERR_CUSTOM_ACCESS_DENIED BadClients
> http_access deny BadClients
>
> But it doesn't work properly. The message which is defined in
> ERR_CUSTOM_ACCESS_DENIED appears but once the refresh button (or CTRL-R)
in
> the browser (IE & Firefox) is pressed access is granted.
> What am I doing wrong here ? /

Set debug_options 28,3 and find out.

Amos
Received on Thu Jan 21 2010 - 09:42:53 MST