On Mon, Feb 21, 2000 at 12:11:34PM +0000, Mark Foster wrote:
> I need to open port 81 but for a single domain only.
>
> I have the following acls...
>
> acl foosite dstdomain .foo.com
> acl fooport port 81
>
> http_access allow foosite fooport
>
> ...but I still get an access denied message when trying access
> http://www.foosite.com:81/
>
> Have I missed something fundamental here? Does the fact that
> http_access deny !Safe_ports is listed before the allow fooste?
Yes, the ACLs are executed in the order they appear. Put the "... allow
foosite" before the deny.
-- Clifton
-- Clifton Royston -- LavaNet Systems Architect -- cliftonr@lava.net The named which can be named is not the Eternal named.Received on Tue Feb 22 2000 - 23:52:55 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:51:26 MST