On tis, 2007-10-16 at 16:32 +1300, Amos Jeffries wrote: > I've looked at the code and I think this is caused as a side-effect of > "DEFAULT_IF_NONE: deny all" (@src/cf.data.pre:715) denying the initial > peer query (@src/htcp.cc:1236) when no other htcp_access are defined but > a peer is htcp_only. Looking. Looks fine. What was the original complaint again? I thought you had to htcp_access the peer you requested, not the requesting peer.. The default for all accesses (HTTP, ICP, HTCP, SNMP) is deny unless allowed. > I've already updated the .conf docs to clearly point out the htcp_access > needs to be explicitly configured for htcp peers. Just as icp_access needs to be configured for icp peers... The difference between the two is that the suggested configuration of icp_access has an "icp_access allow all" overriding the default, while htcp_access has the same in a comment only. Personally I consider having icp_access allow all a mistake and that the htcp style is better, but both should be changed to have an acl listing the trusted networks rather than "all". Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
