Robert Collins wrote:
> Sure - I was think that something like
> acl dom1 auth_domain
> acl dom2 auth_domain
>
> acl_domain_access allow dom1 myport80 !localclients
> acl_domain_access deny dom1 all
> acl_domain_access allow dom2 all
>
> would be intuitive for existing squid users..
Except for the unfortunate ordering issue.. probably more intiutive to
use a simpler rule set with no allow/deny.
acl_domain_match dom1 myport80 !localclients
acl_domain_match dom2 all
If you use the allow/deny then it is not very obvious how to say that
dom2 should be used for special_clients
acl_domain_match dom2 special_clients
acl_domain_match dom1 all
compared to
acl_domain_access dom1 deny special_clients
acl_domain_access dom1 allow all
acl_domain_access dom2 allow special_clients
acl_domain_access dom2 deny all
And what is the meaning of
acl_domain_access dom2 allow special_clients
acl_domain_access dom1 allow all
most likely "dom1" will be used for all above in the acl_domain_access
design...
As this is a selection of the single domain for the request there is not
really any need for allow/deny complicating the picture.
-- HenrikReceived on Sat Apr 28 2001 - 19:10:18 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:13:51 MST