On 7/7/05, Eganya Alfredo <eganyaalfredo@xxxxxxxx> wrote: > Hi abu, > > The idea is that the teams alone " pmaticos " can > consent to some internal places, belonging to the > domain aza.cl, without damage that all the other ones > scheme they can continue usually navigating, > > > > > acl pmaticos src 120.1.1.54/255.255.255.255 > > > acl aza dstdomain aza.cl > > > acl all src 0.0.0.0/0.0.0.0 > > > http_access allow pmaticos aza > > > http_access deny all > > the rules that i had were bad because they refused > everything, I proved this configuration but it doesn't > provide effect, since it doesn't link the 2 rules but > rather it evaluates them individually > > > > acl pmaticos src 120.1.1.54/255.255.255.255 > > > acl aza dstdomain aza.cl > > > http_access allow pmaticos aza > > do I have a list of blocked places, another list of > blocked teams, does some configuration exist to have > associations team-place? > > 1.1.1.1/30 www.aza.cl > 1.1.1.2/28 www.google.cl > > etc. > > thanks Sorry I still do not understand what you are trying to do. Try to explain like this: internalsite: blah.com foo.net ....... team one: IP 10.0.0.1 to 10.0.0.20 allow access web allow access intenalsite team two: IP 10.0.0.21 to 10.0.0.30 allow access web deny access intenalsite Provide Information like this so we can figure out what to put in the access lists -- Regards. Abu Khaled
