Search squid archive

[squid-users] ACL defaults

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



  
Squid.conf seems not to change much over recent versions, so these remarks probably apply    
to the .conf you are using.  
  
For the tag http_access, my .conf says:-  
  
"NOTE on default values:  
If there are no 'access' lines present, the default is to deny the request."  
  
This implies DENY BY DEFAULT which is a common convention in this context.  
  
However all following text contradicts that.  e.g.:-  
  
"If none of the access lines causes a 'match', the default is the opposite of the last line    
in the list.  If the last line was deny, then the default is allow.  Conversly, if the last line    
is allow, the default will be deny.  For these reasons, it is a good idea to have an 'deny    
all' or 'allow all' entry at the end of your access lists to avoid POTENTIAL CONFUSION."  
  
Whilst this looks like English, it is not.  
  
"And finally deny all other access to this proxy. 
http_access deny all" 
 
If we deny by default, then we do not need this rule, because anything not specifically   
allowed is automatically denied. 
 
 
So is there a default behavior when no rule is matched?  
  
Can you share it with us?  
  
If you tell me it depends on the build, I will believe you.  
  
Thanks.  
  


John Sutherland
Phone & Fax +61 2 4683 1511 
9 Meryla Street, Couridjah NSW 2571 Australia

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux