Le vendredi, 10 jan 2003, à 22:59 Europe/Paris, Henrik Nordstrom a
écrit :
>>> acl all src 0.0.0.0/0.0.0.0
>>> acl mynet src 192.168.1.0/255.255.255.0
>>>
>>> http_access deny all
>>> http_access allow mynet
>>>
>>> squid log reports
>>> 3 192.168.1.52 TCP/DENIED 403 1367 get http://www.bsdtoday.com/ -
>>> NONE/- text.html
>> Hello,
>> Put your network on all instead of 0.0.0.0
>
>
> Not a good idea. The "all" acl MUST be defined as "everyone in the
> world". At least unless you are sure to override any default directives
> using the "all" acl.
>
> Regards
> Henrik
So I don't understand : if we put the whole world in all acl, so why do
we put "http_access allow all" and after deny ? Why not only allow
mynet and deny all ?
-- Mail sous eMac OS X.2 AW6.2.4 (viruses ? what's that ? :-) ) Sincerely, Stephane http://stephaneascoet.ifrance.comReceived on Fri Jan 10 2003 - 15:08:23 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:37 MST