Re: squid problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12Feb2007 16:03, yogesh@xxxxxxxxxxxxxxx <yogesh@xxxxxxxxxxxxxxx> wrote:
| hi i have a proxy server on squid
| 
| i want to allow only bseindia.com site to my one user(only this site)
| i make acl rule as follow
| 
| acl yogesh_usr proxy_auth yogesh
| acl yogesh_ip src 10.1.1.53
| acl rul_1 dstdomain .bseindia.com
| http_access allow rul_1 yogesh_usr yogesh_ip
| http_access deny !rul_1 !yogesh_usr !yogesh_ip
| 
| 
| but this rules will not work
| it provide access to all the web
| 
| i want to allow one bseindia so how it possible

The defaulkt behaviour for a control directive like http_access, for an
acess which does NOT match ANY of the ACLs, is to use the opposite of
the last rule. Your last rule was a deny, therefore any access that do
not match any of the ACLs will be allowed.

You want a sequence like this:

  http_access allow yogesh_usr yogesh_ip rul_1
  http_access deny  yogesh_usr

So you explicitly allow the desired access for yogesh_usr, and then
reject all other access by yogesh_usr. People who are not yogesh_usr
will match neither rule, and so be allowed.

Cheers,
-- 
Cameron Simpson <cs@xxxxxxxxxx> DoD#743
http://www.cskk.ezoshosting.com/cs/

B1FF is an archetype, and all you're showing us is one of the more amusing of
his many instantiations.        - Howard E. Motteler <motteler@xxxxxxxx>
Ah, perhaps Arthur Clarke anticipated this in his celebrated short story,
"The Nine Million Names Of B1FF"? - Nosy <ataylor@xxxxxxxx>


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux