On 27/06/2014 6:43 p.m., Nishant Sharma wrote:
> On Friday 27 June 2014 11:58 AM, Nishant Sharma wrote:
>>
>> On Friday 27 June 2014 10:05 AM, Amos Jeffries wrote:
>>>> acl even src 0.0.0.0/0.0.0.1
>>>> tcp_outgoing_address wan1 even
>>>> tcp_outgoing_address wan2 !even
>>>>
>> wan1 & wan2 in the config are the actual WAN IP Addresses (IPv4) and NAT
>> rules are properly set-up for both the WANs. If I divide the LAN into
>> two /25 subnets it works fine. But not with masked bits.
>>
>> Is there any debug option that I could enable to see how these ACLs are
>> being matched or by-passed? "debug_options ALL,9" can be an overkill for
>> this?
>
> Here are the debug logs. I see that it is trying to compare SRC-IP:Port
> pair against the ACL and result is always "0".
>
> Any pointers?
Ah, Squid-3 is using CIDR masking. Sorry should have remembered earlier
how strict this is.
The two /25 subnets (or groups of /26 etc) is the way to go.
Amos
Received on Fri Jun 27 2014 - 07:04:49 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 27 2014 - 12:00:05 MDT