Search squid archive

bug ... No-lookup DNS ACLs ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

---------- Forwarded message ----------
From: Jeff Chua <jeff.chua.linux@xxxxxxxxx>
Date: Fri, Feb 1, 2013 at 1:32 PM
Subject:
To: squid-users@xxxxxxxxxxxxxxx


Amos,

I'm seeing entries like these after rev 12620. It seems the "-n" only
applies to dst* and not src* ACL. How can I fix these?


2013/02/01 13:19:05| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2013/02/01 13:19:05| WARNING: because of this '::/0' is ignored to
keep splay tree searching predictable
2013/02/01 13:19:05| WARNING: You should probably remove '::/0' from
the ACL named 'all'
2013/02/01 13:19:05| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2013/02/01 13:19:05| WARNING: because of this '127.0.0.1' is ignored
to keep splay tree searching predictable
2013/02/01 13:19:05| WARNING: You should probably remove '127.0.0.1'
from the ACL named 'localhost'
2013/02/01 13:19:05| WARNING: (B) '127.0.0.0/8' is a subnetwork of (A)
'127.0.0.0/8'
2013/02/01 13:19:05| WARNING: because of this '127.0.0.0/8' is ignored
to keep splay tree searching predictable
2013/02/01 13:19:05| WARNING: You should probably remove '127.0.0.0/8'
from the ACL named 'to_localhost'
2013/02/01 13:19:05| WARNING: (B) '138.18.18.0/25' is a subnetwork of
(A) '138.18.18.0/25'
2013/02/01 13:19:05| WARNING: because of this '138.18.18.0/25' is
ignored to keep splay tree searching predictable
2013/02/01 13:19:05| WARNING: You should probably remove
'138.18.18.0/25' from the ACL named 'clients'
2013/02/01 13:19:05| WARNING: (B) '80.239.152.0/24' is a subnetwork of
(A) '80.239.152.0/24'
2013/02/01 13:19:05| WARNING: because of this '80.239.152.0/24' is
ignored to keep splay tree searching predictable


In squid.conf ...
acl clients src 138.18.18.0/25 127.0.0.1/32
http_access allow manager clients
http_access deny manager

acl razor dstdomain .edgesuite.net .razor.tv
acl razordst dst 80.239.152.0/24
http_access deny razor razordst

acl local-servers dstdomain proxy lo localhost
always_direct allow local-servers


I've tried add "-n" but it doesn't seem to fix the problem ...
acl razor dstdomain -n .edgesuite.net .razor.tv
acl razordst dst -n 80.239.152.0/24


Thanks,
Jeff
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux