On 16.02.12 15:51, Paolo Supino wrote:
I have the following scenario: I have a subnet that needs to get out
on the internet to 2 different subnets. To subnet1 it needs to be able
to access only in HTTP while to subnet2 it needs to be able to access
only in HTTPS. Is it possible to do the follwoing:
acl source_subnet src 192.168.100.0/255.255.255.0
acl destination_subnet1 dst 172.16.0.0/255.255.0.0
acl destination_subnet2 dst 172.31.0.0/255.255.0.0
acl HTTP_PORT port 80
acl SSL_PORT port 443
http_access allow source_subnet destination_subnet1 HTTP_PORT
http_access allow source_subnet destination_subnet2 SSL_PORT
On Fri, Feb 17, 2012 at 9:55 AM, Matus UHLAR - fantomas
<uhlar@xxxxxxxxxxx> wrote:
do you have any other http_access directives in the config?
On 17.02.12 14:34, Paolo Supino wrote:
Yes I have a few http_access rules in my squid.conf (7 to be
precise), but I can't fold this ACL into the other ACLs I have (I
would have done it if I could).
and what exactly is your problem? is other access to those two also allowed?
Or is the access you need denied?
For the former case, you are allowing access but you are not denying
anything, or at least not with these directives. That might be your problem.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 640 MB ought to be enough for anybody
