On 21.11.2012 13:29, Paul Ch wrote:
Thanks for the reply.
I have been denying access using cache_peer_access deny rather than
'http_access deny'.
cache_peer_access test allow sites_test allowable
cache_peer_access test allow sites_test othersallowed
cache_peer_access test deny publicall
Should I be switching to http_access rather than cache_peer_access?
You should be using both.
http_access determines whether Squid is granting permission for the
clients request to be handled *at all*. Checked for all received
requests.
cache_peer_access is only granting permission to deliver a request to
that single upstream peer. May (or not) be checked for any given MISS or
revalidation request.
The way you described the requirements was that *no* service was to be
granted outside business hours (http_access denial). If you have some
services that continue running while others are rejected that is a
different set of requirements (cache_peer_access denial).
Amos
