Re: [squid-users] acl [NO] bug (when peers configured)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Fri, 31 Aug 2007 12:18:27 +0200

On fre, 2007-08-31 at 05:17 -0300, Michel Santos wrote:

> looking this over means that when the IP address of any 'acl peer src $1'
> match the IP range of 'acl all src ip/mask' then I do not need to specify
> an additional 'http_access deny peer we_acl' if 'http_access deny all
> we_acl' is defined before right

Probably. But I don't have a good view of your http_access rules..

in a src acl a network speification (ip/mask) matches all IPs in that
network, including the network and broadcast addresses.

192.168.1.0/24 is the same as 192.168.1.0-192.168.1.255

Note: 192.168.1.1/24 is an error, and read as 192.168.1.0/24 with a big
fat warning.

Regards
Henrik

Received on Fri Aug 31 2007 - 04:18:34 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:04 MDT