From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Message-ID: <003f01c06fca$5dae39f0$0500000a@sasha> From: "Mandrake" To: References: <6015059894.20001226214424@mail.ru> MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Subject: [mdk-re] =?koi8-r?B?UmU6IFttZGstcmVdIO7B09TSz8rLwSBTcXVpZA==?= Sender: mandrake-russian-admin@linuxteam.iplabs.ru Errors-To: mandrake-russian-admin@linuxteam.iplabs.ru X-BeenThere: mandrake-russian@linuxteam.iplabs.ru X-Mailman-Version: 2.0 Precedence: bulk Reply-To: mandrake-russian@linuxteam.iplabs.ru List-Help: List-Post: List-Subscribe: , List-Id: Mandrake/RE discussion list List-Unsubscribe: , List-Archive: Date: Wed Dec 27 08:52:00 2000 X-Original-Date: Wed, 27 Dec 2000 09:00:50 +0300 Archived-At: List-Archive: SQUID.CONF: # If none of the "access" lines cause a match, the default is the # opposite of the last line in the list. If the last line was # deny, then the default is allow. Conversely, if the last line # is allow, the default will be deny. For these reasons, it is a # good idea to have an "deny all" or "allow all" entry at the end # of your access lists to avoid potential confusion. Regards to All Alexandr Redko LU # 178842 ICQ # 75828152 ----- Original Message ----- From: "Lenya Khachaturov" To: Sent: Tuesday, December 26, 2000 9:44 PM Subject: [mdk-re] Настройка Squid > Hello mandrake-russian, > > Что-то у меня не получается правильно настроить ACL, пишу > следующее: > > acl all src 0.0.0.0/0.0.0.0 > acl root src 127.0.0.1/255.255.255.255 > acl georges src 192.168.0.1/255.255.255.0 > acl lenya src 192.168.0.2/255.255.255.0 > acl localhost src 127.0.0.1/255.255.255.255 > acl manager proto cache_object > acl SSL_ports port 443 563 > acl Safe_ports port 80 21 443 563 70 210 1025-65535 > acl CONNECT method CONNECT > > http_access allow manager localhost lenya georges > http_access deny manager > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access deny all > > По идее, при таких настройках он должен пускать ТОЛЬКО юзеров с IP 192.168.0.1 и > 192.168.0.2, на самом деле не пускает вообще никого. Если закомментировать > последнюю строчку, начинает пускать всех без разбору. Почему? Он же > смотрит до первого совпадения с правилом, а на остальное забивает! > -- > Best regards, > Lenya mailto:lenyak@mail.ru > > > > _______________________________________________ > Mandrake-russian mailing list > Mandrake-russian@linuxteam.iplabs.ru > http://linuxteam.iplabs.ru/mailman/listinfo/mandrake-russian >