Re: [squid-users] ACL priority or order

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 9 Sep 2002 20:28:22 +0200

Or alternatively

http_access allow localhost
http_access deny !domainusers
http_access allow nobanned
http_access deny banned
http_access allow all

In both cases, as a second rule (after "allow localhost") I would insert

http_access deny !from_our_networks

where from_our_networks is defined as a src type ACL listing the local IP
networks from where clients are allowed to connect to the proxy.

Regards
Henrik

Hermann Strassner wrote:
> Use
> http_access allow localhost
> http_access allow nobanned domainusers
> http_access deny banned
> http_access allow domainusers
> http_access deny all
>
> > -----Original Message-----
> > From: stuart.lamble@batepro.co.za [mailto:stuart.lamble@batepro.co.za]
> > Sent: Monday, September 09, 2002 1:53 PM
> > To: squid-users@squid-cache.org
> > Subject: [squid-users] ACL priority or order
> >
> >
> > Hi SUG
> >
> > I have ordered my acl`s in the following order...
> >
> > http_access allow localhost
> > http_access allow nobanned all
> > http_access deny banned all
> > http_access allow domainusers
> > http_access deny all
> >
> > The problem is this, if I have it in the current order, The
> > banned, nobanned
> > sites work, but I do not get proxy authentication which is handled by
> > smb_auth - domainusers
> > If I put allow domainusers before the nobanned, banned rules, I get
> > authentication, but no sites are banned.
> >
> > Any ideas, please
> >
> >
> >
> > Stuart
Received on Mon Sep 09 2002 - 12:28:25 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:10 MST