mån 2006-04-03 klockan 09:08 -0600 skrev Dmitry S. Makovey: > Yes - it's a restrictive reverse proxy, or gateway if you wish - > Machines are not allowed to do outbound connections themselves and > all the outbound traffic is being filtered based on network machine > belongs to and other criteria. Posted ruleset was just a beginning of > what I intend to do but even as "simple" as it is it didn't work. The reason why I ask is because http_reply_access is "post mortem" access controls, meant to complement your http_access rules with additional rules which can only be resolved when the request has been forwarded and the reply is coming back. Prime example is checking the response mime type. To get to http_reply_access you must first pass http_access. http_reply_access does not block requests, it only blocks the response to the request from being forwarded to the client. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
