Re: [squid-users] ACL composition

From: Matus UHLAR - fantomas <uhlar_at_fantomas.sk>
Date: Sun, 19 Feb 2012 13:13:51 +0100

>> On 16.02.12 15:51, Paolo Supino wrote:
>>> I have the following scenario: I have a subnet that needs to get out
>>> on the internet to 2 different subnets. To subnet1 it needs to be able
>>> to access only in HTTP while to subnet2 it needs to be able to access
>>> only in HTTPS. Is it possible to do the following:
>>>
>>> acl source_subnet src 192.168.100.0/255.255.255.0
>>> acl destination_subnet1 dst 172.16.0.0/255.255.0.0
>>> acl destination_subnet2 dst 172.31.0.0/255.255.0.0
>>> acl HTTP_PORT port 80
>>> acl SSL_PORT port 443
>>>
>>> http_access allow source_subnet destination_subnet1 HTTP_PORT
>>> http_access allow source_subnet destination_subnet2 SSL_PORT

>On Fri, Feb 17, 2012 at 9:55 AM, Matus UHLAR - fantomas
><uhlar_at_fantomas.sk> wrote:
>> do you have any other http_access directives in the config?

On 17.02.12 14:34, Paolo Supino wrote:
> Yes I have a few http_access rules in my squid.conf (7 to be
>precise), but I can't fold this ACL into the other ACLs I have (I
>would have done it if I could).

And what exactly is your problem? Is other access to those two also allowed?
Or is the access you need denied?
For the former case, you are allowing access but you are not denying
anything, or at least not with these directives. That might be your problem.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Windows 2000: 640 MB ought to be enough for anybody
Received on Sun Feb 19 2012 - 12:13:57 MST
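
The point about allowing without denying, as an added example that is not part of the original message: a small Python model of how Squid orders http_access lines, run over the posted ACLs. The broad `LATER_ALLOW` rule and the two `DENIES` lines are assumptions for illustration (the poster's other seven rules are not shown), and destinations are given as IP addresses rather than resolved from hostnames.

```python
import ipaddress

# ACLs and the two rules exactly as posted in the thread.
POSTED = """
acl source_subnet src 192.168.100.0/255.255.255.0
acl destination_subnet1 dst 172.16.0.0/255.255.0.0
acl destination_subnet2 dst 172.31.0.0/255.255.0.0
acl HTTP_PORT port 80
acl SSL_PORT port 443
http_access allow source_subnet destination_subnet1 HTTP_PORT
http_access allow source_subnet destination_subnet2 SSL_PORT
"""
# Assumption: one of the other http_access rules is a broad allow like this.
LATER_ALLOW = "http_access allow source_subnet\n"
# Assumption: explicit denies inserted right after the two allows.
DENIES = """http_access deny source_subnet destination_subnet1
http_access deny source_subnet destination_subnet2
"""
WEAK = POSTED + LATER_ALLOW
FIXED = POSTED + DENIES + LATER_ALLOW

def parse(conf):
    """Parse the small squid.conf subset used above (src, dst, port ACLs)."""
    acls, rules = {}, []
    for fields in (line.split() for line in conf.splitlines()):
        if fields[:1] == ["acl"]:
            name, kind, value = fields[1:4]
            acls[name] = (kind, int(value) if kind == "port"
                          else ipaddress.ip_network(value))
        elif fields[:1] == ["http_access"]:
            rules.append((fields[1], fields[2:]))
    return acls, rules

def verdict(conf, src, dst, port):
    """Return 'allow' or 'deny' for one request, as Squid orders http_access."""
    acls, rules = parse(conf)
    req = {"src": ipaddress.ip_address(src),
           "dst": ipaddress.ip_address(dst), "port": port}
    def hit(name):
        kind, value = acls[name]
        return req[kind] == value if kind == "port" else req[kind] in value
    for action, names in rules:
        if all(hit(n) for n in names):  # ACLs on one line are ANDed
            return action               # first matching line decides
    # Nothing matched: the default is the opposite of the last line's action.
    return "deny" if not rules or rules[-1][0] == "allow" else "allow"

CLIENT = "192.168.100.10"  # constructed sample client
for name, conf in (("weak", WEAK), ("fixed", FIXED)):
    print(name, verdict(conf, CLIENT, "172.16.5.5", 443))
```

With the two posted rules alone, port 443 to subnet1 is denied by the implicit default; it is only once a later, broader allow exists that the missing deny lines let the request through.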
