acls are tested in the order they appear in http_access lines, not the order
the acls are defined in.
Rob
----- Original Message -----
From: "" <baf@unix2.asu.tusur.ru>
To: <squid-users@squid-cache.org>
Sent: Wednesday, July 25, 2001 5:52 PM
Subject: [squid-users] maxconn don't work
> Hi all!
> I try limit number of connection to squid. In my squid.conf :
> client_db on
> .........
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl baf src 192.168.62.126/255.255.255.255
> acl 4CONN maxconn 4
> http_access deny 4CONN baf
>
> when i try open 1 connect to squid, i get error page. In cache.log squid
> write:
>
> 2001/07/25 15:26:54| Ready to serve requests.
> 2001/07/25 15:26:56| aclCheckFast: list: 0x8204100
> 2001/07/25 15:26:56| aclMatchAclList: checking all
> 2001/07/25 15:26:56| aclMatchAcl: checking 'acl all src 0.0.0.0/0.0.0.0'
> 2001/07/25 15:26:56| aclMatchIp: '192.168.62.126' found
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -
> why?
> 2001/07/25 15:26:56| aclMatchAclList: returning 1
> 2001/07/25 15:26:56| aclCheck: checking 'http_access deny 4CONN baf'
> 2001/07/25 15:26:56| aclMatchAclList: checking 4CONN
> 2001/07/25 15:26:56| aclMatchAcl: checking 'acl 4CONN maxconn 4'
> 2001/07/25 15:26:56| aclMatchAclList: returning 0
> 2001/07/25 15:26:56| aclCheck: checking 'http_access allow manager
> localhost'
> 2001/07/25 15:26:56| aclMatchAclList: checking manager
> 2001/07/25 15:26:56| aclMatchAcl: checking 'acl manager proto
cache_object'
> 2001/07/25 15:26:56| aclMatchAclList: returning 0
> 2001/07/25 15:26:56| aclCheck: checking 'http_access deny manager'
> 2001/07/25 15:26:56| aclMatchAclList: checking manager
> 2001/07/25 15:26:56| aclMatchAcl: checking 'acl manager proto
cache_object'
> 2001/07/25 15:26:56| aclMatchAclList: returning 0
> 2001/07/25 15:26:56| aclCheck: checking 'http_access deny !Safe_ports'
> 2001/07/25 15:26:56| aclMatchAclList: checking !Safe_ports
> 2001/07/25 15:26:56| aclMatchAcl: checking 'acl Safe_ports port 80
> 2001/07/25 15:26:56| aclMatchAclList: returning 0
> 2001/07/25 15:26:56| aclCheck: checking 'http_access deny CONNECT
> !SSL_ports'
> 2001/07/25 15:26:56| aclMatchAclList: checking CONNECT
> 2001/07/25 15:26:56| aclMatchAcl: checking 'acl CONNECT method CONNECT'
> 2001/07/25 15:26:56| aclMatchAclList: returning 0
> 2001/07/25 15:26:56| aclCheck: checking 'http_access deny all'
> 2001/07/25 15:26:56| aclMatchAclList: checking all
> 2001/07/25 15:26:56| aclMatchAcl: checking 'acl all src 0.0.0.0/0.0.0.0'
> 2001/07/25 15:26:56| aclMatchIp: '192.168.62.126' found
> 2001/07/25 15:26:56| aclMatchAclList: returning 1
> 2001/07/25 15:26:56| aclCheck: match found, returning 0
>
> why squid skip acl : acl baf src 192.168.62.126/255.255.255.255?
>
> Thanks in advance
>
>
Received on Wed Jul 25 2001 - 01:55:00 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:18 MST