On 05/12/17 11:59, erdosain9 wrote:
But, that's exactly the problem.
Thats what i do.
I do a have this large group
i-full
and a small group with a few users from i-full, the small group is called
i-restringidos.
And put i-restringidos in the top... (as you can see in my config file)
But, is not working. They can go trough the web i try to block.
If i delete the user from i-full, then yes, works... (the users then is just
in i-restringidos).
So lets look at your config. These are the relevant lines:
> http_access allow sin_autenticacion
> http_access allow i-restringidos !restringidos
> http_access allow i-limitado !dominios_denegados
> http_access allow i-full !dominios_denegados
> http_access allow localhost
The first thing you do is ALLOW for anyone who can login. End of story.
Nothing more to check, they are allowed.
*otherwise* ... (for clients who are not authenticated) their group
i-restringidos is checked. Group for a not-authenticated client is
impossible. Go to next line.
*otherwise* ... group i-limitado is checked. Group for a
not-authenticated client is impossible. Go to next line.
*otherwise* ... group i-full is checked. Group for a not-authenticated
client is impossible. Go to next line.
*otherwise* ALLOW if the client is on localhost.
Do you understand what is going wrong there?
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
