Re: squid problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12Feb2007 16:03, yogesh@xxxxxxxxxxxxxxx <yogesh@xxxxxxxxxxxxxxx> wrote:
| hi i have a proxy server on squid
| 
| i want to allow only bseindia.com site to my one user(only this site)
| i make acl rule as follow
| 
| acl yogesh_usr proxy_auth yogesh
| acl yogesh_ip src 10.1.1.53
| acl rul_1 dstdomain .bseindia.com
| http_access allow rul_1 yogesh_usr yogesh_ip
| http_access deny !rul_1 !yogesh_usr !yogesh_ip
| 
| 
| but this rules will not work
| it provide access to all the web
| 
| i want to allow one bseindia so how it possible

The defaulkt behaviour for a control directive like http_access, for an
acess which does NOT match ANY of the ACLs, is to use the opposite of
the last rule. Your last rule was a deny, therefore any access that do
not match any of the ACLs will be allowed.

You want a sequence like this:

  http_access allow yogesh_usr yogesh_ip rul_1
  http_access deny  yogesh_usr

So you explicitly allow the desired access for yogesh_usr, and then
reject all other access by yogesh_usr. People who are not yogesh_usr
will match neither rule, and so be allowed.

Cheers,
-- 
Cameron Simpson <cs@xxxxxxxxxx> DoD#743
http://www.cskk.ezoshosting.com/cs/

B1FF is an archetype, and all you're showing us is one of the more amusing of
his many instantiations.        - Howard E. Motteler <motteler@xxxxxxxx>
Ah, perhaps Arthur Clarke anticipated this in his celebrated short story,
"The Nine Million Names Of B1FF"? - Nosy <ataylor@xxxxxxxx>

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux