Re: [squid-users] Time's making me crazy!!!

From: Colin Campbell <sgcccdc@dont-contact.us>
Date: Thu, 13 Dec 2001 08:42:34 +1000 (EST)

Hi,

On Wed, 12 Dec 2001, Boniforti Flavio wrote:

> http_access deny !surf time1 time2
> http_access allow all
>
> DOESN'T WORK AT ALL!!!
>
> Maybe it's not allowed to use that syntax???

It's allowed. You just misunderstand how http_access lines work.

First of all, the http_access lines are scanned in the order they exit in
the file. The first one that matches is used.

Second, if more than one acl is defined then ALL acls must match. Using
your example:

http_access deny !surf time1 time2

This means:

        the client address is NOT in the acl surf
                        AND
        the time is between 00:00 and 08:00
                        AND
        the time is between 20:00 and 24:00

Clearly this cannot match since both time acls cannot be true
simultaneously. If the first is true the second is false and vice versa.

Of course all this is explained much better in the FAQ.

Colin

--
Colin Campbell
Unix Support/Postmaster/Hostmaster
CITEC
+61 7 3006 4710
Received on Wed Dec 12 2001 - 15:51:09 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:19 MST