On 5/10/07, Vadim Pushkin <wiskbroom@xxxxxxxxxxx> wrote:
I am trying to modify my ACL to prevent a specific IP address within a range already defined in http_access and acl. Where within this do I state *not* (!) 192.168.1.200? acl NET_ONE src 192.168.0.0/16 or http_access allow NET_ONE
I think you will have to define a new acl such as: acl deniedips src 192.168.1.200 and then make the following entry immediately *before* 'http_access allow NET_ONE' : http_access deny deniedips Rules are processed in order of appearance in the list, first to last. Chris
