Suppose I have a host who is using ICP access to me that I don't want. At
the moment I don't want to go into a deny all mode because we are slowly
building a little hierarchy and I don't want to have to change the acl's
every time someone wants to test things out, but I do want to restrict this
one host from accessing us. Below you will find our acl definitions.
However the host still can do ICP. What did I do wrong?
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all src 0.0.0.0/0.0.0.0
acl impolite src aaa.bbb.ccc.ddd/255.255.255.255 (ip hidden to protect the
guilty)
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access deny manager !localhost
http_access deny CONNECT !SSL_ports
http_access allow all
icp_access allow all
icp_access deny impolite
miss_access allow all
Received on Wed Jul 09 1997 - 05:12:30 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:42 MST