mån 2009-09-21 klockan 13:54 -0700 skrev Guy Bashkansky:
> Using Squid as a reverse cache proxy, need to give access only to
> clients whose IP addresses are from particular netblocks:
>
> acl service dstdomain .foo.com
> acl clients src 123.45.67.89/255.255.255.128
> http_access deny service all
> http_access allow service clients
>
> What may be the possible reason that clients with IP addresses not
> from that netblock can still access the service?
The above would deny everyone access.
http_access is read top-down and the first matching rule is used. Any
rules following that is ignored.
Probably you have other http_access rules above allowing access..
Regards
Henrik
Received on Mon Sep 21 2009 - 21:16:47 MDT
This archive was generated by hypermail 2.2.0 : Tue Sep 22 2009 - 12:00:02 MDT