[squid-users] ACL order in squid.conf

From: Riccardo Castellani <r.castellani_at_usl6.toscana.it>
Date: Thu, 13 Aug 2009 17:21:18 +0200

If create these entries in squid.conf:

acl wwwebay dstdomain www.ebay.com
acl wwwcons dstdomain demo.consortium.com acl emmepitre url_regex
^http://.*\.mp3 acl msnmessq req_mime_type -i ^application/x-msn-messenger$
acl msnmessp rep_mime_type -i ^application/x-msn-messenger$ acl audiosp
rep_mime_type -i ^audio/wav$ acl videosp req_mime_type -i
^application/x-shockwave-flash$ acl streaming_mediap rep_mime_type
^video/x-ms-asf acl streaming_mediap rep_mime_type ^audio/mpeg acl
streaming_mediap rep_mime_type ^audio/x-scpls acl streaming_mediap
rep_mime_type ^video/x-flv

http_access allow user2
http_access allow user3
http_access deny msnmessp
http_access deny audiosp
http_access deny videosp
http_access deny streaming_mediap
http_access allow user1 wwwebay
http_access allow user1 wwwcons
http_access deny wwwebay
http_access allow user4
...
...
...
http_access allow user100
http_access deny all
#
http_reply_access allow user2
http_reply_access allow user3
http_reply_access deny msnmessp
http_reply_access deny audiosp
http_reply_access deny videosp
http_reply_access deny streaming_mediap
http_reply_access allow all

In this case, I'd like:

user2+3 can access to everything.
User1 can access only to www.ebay.com
User4 to user 100 can access everything except msnmessp, audiosp, videosp,
streaming_mediap, wwwebay, wwwcons.

What's order on which rules are scanned from squid ?
What do you think about my schema criteria ?
Received on Thu Aug 13 2009 - 15:21:28 MDT

This archive was generated by hypermail 2.2.0 : Thu Aug 13 2009 - 12:00:03 MDT