On 26/04/11 23:37, Edmonds Namasenda wrote:
Hello there.
Is there a possibility in Squid 3.0 on openSuSe to explicitly allow or
deny ACLs?
### Example
acl admins src 10.0.0.245-10.0.0.255
acl updates dstdomain -i /path/to_file_with/updates_domain/urls
http_access allow admins
http_access allow updates
reply_body_max_size 10 MB !admins
reply_body_max_size 10 MB !updates
You have set two *different* limits of 10MB.
"admin" can be caught by the second one unless they are requesting
"updates" sites.
With the above set-up example, the reply_body_max_size still affects
the admins group. Systems with I.P Addresses in the admin range fail
to download files bigger than 10MBs.
How can I explicitly allow them? As well if I want to explicitly deny,
what can I use?
With "!" exactly as you have above.
But remember the rules for constructing access controls still apply
here. Top-down, left-to-right, first line to fully match wins.
Limit to 10MB. Excluding updates AND excluding admin:
reply_body_max_size 10 MB !admins !updates
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.7 and 3.1.12.1
