On 16/11/10 15:00, Hein Konijn wrote:
> Squid 3.1.9
>
> I am trying to create an ACL in squid that allows Torrent traffic through squid (don't ask...)
Why not?
> After fiddeling with the ACL's I got it working, but not the way I want it to.
> I can only can get it to work globally, not for individual IP's or users.
> What works:
> acl SSL_ports port 443
> acl SSL_ports port 1025-65535 # bittorrent
> http_access deny CONNECT !SSL_ports
>
> What doesn't:
> acl SSL_ports port 443
> acl PP_ports port 1025-65535 # bittorrent
> http_access deny CONNECT !SSL_ports
> http_access deny CONNECT !PP_ports
>
> It is just a test if I can get it to work at all, so no source ACL's for the time being.
> But the second one doesn't work at all, it there something I am missing or is the number of CONNECT acl's limited to one?
>
Read this:
http://wiki.squid-cache.org/SquidFaq/OrderIsImportant
then:
http_access deny CONNECT !SSL_ports !PP_ports
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.9 Beta testers wanted for 3.2.0.3Received on Tue Nov 16 2010 - 05:18:36 MST
This archive was generated by hypermail 2.2.0 : Tue Nov 16 2010 - 12:00:03 MST