On 8/07/2015 1:26 a.m., Bodo Teichmann wrote: > Hi, > Since using "client_delay_parameters" in the "normal" way, using > client_delay_access 1 allow <acl> > is prevented by > http://bugs.squid-cache.org/show_bug.cgi?id=3696 > > therefore Amos Jeffries wrote on Apr 02, 2013 > >> client_delay_access is tested as soon as the TCP SYN packet has been >> accepted. All Squid has for ACLs to work with at that point is the >> IP:port of each end of the client TCP connection. > Which I don't understand > And he wrote further: >> client_delay_access can be used with: src, arp, localip / myip, >> localport / myport. >> "myportname" ACL should in theory work as well, but looking at the >> code I see the required details are not yet passed to the ACL code >> properly so that is broken. > > Therefore I tried to use client_delay_access without a named ACL, an using "src" directly, but was not able to find a valid syntax for it. > e.g. I tried in /etc/squid3/squid.conf (using squid 3.4.8) : > > client_delay_access 1 allow src 10.41.1.205/32 > > but just get an syntax error : > > ACL not found: src 10.41.1.205/32 > > Any idea/example on how to actually use client_delay_access 1 allow ..... ? Squid always requires ACls to be named. "myportname" is the *type* of a certain ACL, which is not working. PS. AFAIK the bug is unrelated to the ACL naming business. It happens with a plain src type ACL as well. So if you are hitting it at all, you wont be able to use the feature until its fixed by someone. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
