On Mon, 15 Dec 2003 olivier.delvigne@acis-group.org wrote:
> acl SSL_ports port 443 563
Ok.
> acl Safe_ports port 80
Not good. See the suggested default setting in squid.conf.default.
> acl CONNECT method GET POST HEAD CONNECT PUT DELETE
Not good. The above should only include the CONNECT method. Why have you
changed this?
> http_access allow manager localhost
> http_access deny manager
ok.
> http_access allow ACISNETWORK
Not placed correctly. This should be below the two deny lines below. But
with the above changes to Safe_ports and CONNECT I can understand that
this has eventually ended up here..
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_reply_access allow ACISNETWORK
http_reply_access is not needed.
> http_access deny ACISNETWORK
???
> icp_access deny ACISNETWORK
??? Shouldn't this be a allow? But unless you are using child caches with
ICP it does not matter.
> http_access deny all
Ok.
> icp_access deny all
Ok.
Regards
Henrik
Received on Tue Dec 16 2003 - 01:32:40 MST
This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:13 MST