Search squid archive

Re: acl src question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks Amos. The indication was useful.
Best regards

Gabriel

El vie., 9 ago. 2019 03:19, Amos Jeffries <squid3@xxxxxxxxxxxxx> escribió:
On 9/08/19 1:57 am, Service MV wrote:
> Hello everyone!
>
> I have a network 192.168.10.0/22
> I want to let the IP ranges 192.168.12.1 to 192.168.13.254 through my
> proxy, but not the ranges 192.168.10.1 to 192.168.11.254.
> If I don't misunderstand the documentation
> <http://www.squid-cache.org/Versions/v4/cfgman/acl.html>, the correct
> way to do this would be:
> acl mylocalnet src 192.168.12.0/24
> acl mylocalnet src 192.168.13.0/24
> [...]
> http_access allow mylocalnet
>
> Is this right?

Close. But that would include the machines with *.0 and *.255 address
outside the range you mention wanting to match.

If your needed range does not map to nice CIDR range(s) you can set the
start and end address instead:

 acl mylocalnet src 192.168.12.1-192.168.13.254



PS. setting the LAN range(s) you want to use the proxy is what the
"localnet" ACL is there for. The values provided are just an example of
standardized ranges that will let the proxy work on most networks by
default.
 There is usually no need for a new custom name, just edit the list as
necessary for your policy. Unless you mean something else for this
custom ACL to be doing - in which case you might want to consider using
a name that makes the access rules read in a more easily interpreted way.

Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux