the game I’m looking for may be complex a bit . well here is the game : i have squid ruling on IPV6 and 1 ipv4 so i have an ipv4 1.1.1.1 address which go to null 0 network which mean a fake route . buy that i prevent the IPV4 websites from loading . so above is sufficient for that : >> acl ip1 myip 12.58.120.72 >> tcp_outgoing_address 1.1.1.1 ip1 but sometimes i want to allow the IPV4 websites but for certain source of ips but i cant match the src ip address with the acl “myip” so that some ips get ipv6 websites only and other get both ipv4/ipv6 thats why i posted the question , I’m sure amos u will give me magical solution next post :) > On Aug 6, 2017, at 3:38 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > > On 06/08/17 22:17, --Ahmad-- wrote: >> he folks >> ======= >> i have acl as : >> acl ip1 myip 12.58.120.72 >> tcp_outgoing_address 1.1.1.1 ip1 >> but ACL above will match all src ip addresses . > > No. It will only match traffic where the "myip" value is 12.58.120.72. It has nothing to do with the TCP src-IP. > > >> the game i want is i just need to allow the from src specific ip address to match the acl above . >> so what i want to do is : >> acl hhh src 12.58.70.10/32 >> and tcp_outgoing_address 1.1.1.1 ( if the src was 12.58.70.10 matching the ip 12.58.120.72 ) > > Do you mean to detect traffic from the 12.58.70.10/32 going to dst-IP 12.58.120.72 ? > > Or do you mean to detect traffic from the 12.58.70.10/32 going to squid-IP 12.58.120.72 ? > > > Amos > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
