Hi,
On Wed, 12 Dec 2001, Boniforti Flavio wrote:
> http_access deny !surf time1 time2
> http_access allow all
>
> DOESN'T WORK AT ALL!!!
>
> Maybe it's not allowed to use that syntax???
It's allowed. You just misunderstand how http_access lines work.
First of all, the http_access lines are scanned in the order they exit in
the file. The first one that matches is used.
Second, if more than one acl is defined then ALL acls must match. Using
your example:
http_access deny !surf time1 time2
This means:
the client address is NOT in the acl surf
AND
the time is between 00:00 and 08:00
AND
the time is between 20:00 and 24:00
Clearly this cannot match since both time acls cannot be true
simultaneously. If the first is true the second is false and vice versa.
Of course all this is explained much better in the FAQ.
Colin
-- Colin Campbell Unix Support/Postmaster/Hostmaster CITEC +61 7 3006 4710Received on Wed Dec 12 2001 - 15:51:09 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:19 MST