________________________________ From: Amos Jeffries <squid3@xxxxxxxxxxxxx> >> I'd like to allow by default and deny only according to the ACLs I define. >> >> Here's an example with Telegram. I'd like to deny all application/octet-stream mime types in requests >> and replies except for a set of IP addresses or domains.> > Er, deny is the opposite of allow. So your "example" is to demonstrate > the _opposite_ of what you want? > > Not to mention that what you want is the opposite of a well-known > Security Best-Practice. Well, your call, but when things go terribly > wrong don't say you weren't warned. My sentence was misleading, I suppose. My squid.conf has the following structure (which I believe is close to the default for a caching http proxy): ACL definitions http_access deny ... http_reply_access deny ... http_access deny intercepted !localnet http_access allow localnethttp_access deny all Is there anything wrong with this? Vieri _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
