Search squid archive

Re: acl dst 255.255.255.255 means "no such hostname"?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On Mon, 12 Sep 2005, Matus UHLAR - fantomas wrote:
> 
> >however, currently I'm not able to differ if someone entered an this IP (or
> >hostname pointing to this IP) or an invalid hostname, and give people
> >different error messages.

On 14.09 01:30, Henrik Nordstrom wrote:
> The first (explicitly entered) can be matched using dstdomain in 
> 2.5.STABLE10.

actually yes, but I consider this as workaround. I also filled a bug
according to your next mail (and my original request too):
http://www.squid-cache.org/bugs/show_bug.cgi?id=1394

> >I probably could make an exemption in denying 240.0.0.0/4 or allow
> >accessing 255.255.255.255, but I found this sick...
> 
> Removing the use of 255.255.255.255 from he dst acl is trivial. In acl.c 
> look for ACL_DST_IP in aclMatchAcl, and at the end of it's block replace
> 
>    return aclMatchIp(&ae->data, no_addr);
> 
> with simply
> 
>    return 0;
> 
> this will make dst acls always false if the destination IP can not be 
> resolved (there is no IP to match the acl against, so it can't be true..)

Thanks, I think I'll patch the squid manually now.

> Then to match invalid hosts you can use
> 
>    acl all_destinations dst 0.0.0.0/0
>    http_access deny !all_destinations

good to know, when I'll set up multilanguage error messages :)

-- 
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Microsoft dick is soft to do no harm

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux