Re: ACL and/or http_access not working in 3.1 beta from Henrik Nordstrom on 2008-10-26 (squid-dev)

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Sun, 26 Oct 2008 19:11:28 +0100

On sön, 2008-10-26 at 11:11 -0400, Steve Snyder wrote:

> Example #1:
>
> acl snapcom dstdomain .snap.com
> http_access deny snapcom
>
> Example #2:
>
> acl pogotime time SMTFA 00:00-23:59
> acl pogosite dstdomain .pogo.com
> http_access deny pogosite pogotime

Where are these in relation to your other http_access rules?

> These same constructions are working fine in Squid v2.7S5. With
> v3.1-20081025 the specified sites are *not* denied. I see no
> indication in squid.conf.documented that the syntax has changed.

> Is this behavior a flat-out bug, or is there some subtle v2.7 --> 3.1
> change that I'm not comprehending?

There is no change I know of.

> Note that I am running a url_rewrite_program. Could this be a factor
> Squid's refusal to honor my configured "http_access deny" statements?

http_access is processed before url_rewrite, so no.

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Sun Oct 26 2008 - 18:11:33 MDT

This archive was generated by hypermail 2.2.0 : Mon Oct 27 2008 - 12:00:07 MDT