On tor, 2007-08-30 at 06:02 -0300, Michel Santos wrote: > There is appearently an acl bug > > acls do not work for peers They do work for peers, just the same as any other http client. There is nothing special about peers in the access controls. > acl all src 200.152.80.0/20 Warning: Don't redefine the "all" acl unless you are very careful. It's used in a number of defaults and meant to match "the whole world", and results can become a bit confusing if redefined... Instead define a "mynetwork" acl to match your clients.. > acl danger urlpath_regex -i instal\.html > http_access deny all danger > # > > so far this works for "all", I mean it blocks as wanted > > > # > acl all src 200.152.80.0/20 > acl peer src 200.152.83.40 > acl danger urlpath_regex -i instal\.html > http_access deny all danger > http_access deny peer danger Nothing obviously wrong, apart from the use of the "all" acl.. > does NOT when accessing directly from a browser from 200.152.83.40 Should it? When going directly Squid is not used... > and does NOT work when configuring localhost as proxy on 200.152.83.40 What do access.log say on both proxies? Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
