mån 2006-04-03 klockan 09:08 -0600 skrev Dmitry S. Makovey:
> Yes - it's a restrictive reverse proxy, or gateway if you wish -
> Machines are not allowed to do outbound connections themselves and
> all the outbound traffic is being filtered based on network machine
> belongs to and other criteria. Posted ruleset was just a beginning of
> what I intend to do but even as "simple" as it is it didn't work.
The reason why I ask is because http_reply_access is "post mortem"
access controls, meant to complement your http_access rules with
additional rules which can only be resolved when the request has been
forwarded and the reply is coming back. Prime example is checking the
response mime type.
To get to http_reply_access you must first pass http_access.
http_reply_access does not block requests, it only blocks the response
to the request from being forwarded to the client.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT