-----Original Message-----
From: Dan <Dan@Elrond.Gimli.com>
To: Nguyen Dang Phuoc Dong <dongnd@tlnet.com.vn>; squid-users@ircache.net
<squid-users@ircache.net>
Date: Friday, October 16, 1998 7:52 PM
Subject: Re: Filter out Sex... Sites
>Hi,
>And why such circuit does not work? SquidPatch2
>acl sex-stop dstdomain playboy.com sex.com hotsex.com
>http_access deny sex-stop
>any ideas....?
>bye Dan
Because the http_access rules is searched from the beginning to the end of
the list and the first match is applied. Suppose that I have two http_access
rules as follow:
acl LOCAL src 172.16.0.0/255.255.0.0
http_access allow LOCAL
acl sex-stop dstdomain playboy.com sex.com hotsex.com
http_access deny sex-stop
Then the LOCAL user can access playboy.com, sex.com or hotsex.com because
their computer IP address match the first rules. Therefore, the second rules
is bypass.
Is this your situation?
Dong
Received on Fri Oct 16 1998 - 08:09:21 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:42:32 MST