acl sanity checks

From: Robert Collins <robertc@dont-contact.us>
Date: 13 Nov 2002 00:51:17 +1100

Another queued thought.

The following access list is 'insane':

acl foo src X
acl bar src Y

http_access allow foo bar

because it can -never- match.
likewise
http_access allow foo !foo

whereas
http_access allow !foo !bar
is sane because it can match.

We should check for insane conditions. Such conditions include:
multiple differing positive ip acls of the same type on one access line.
Ditto for domains.

Rob

Received on Tue Nov 12 2002 - 06:51:20 MST
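
The check proposed in the message above, sketched as an added example (not code from the post or from Squid). It covers only the `foo !foo` case and `src` ACLs, and it tightens "differing" to "non-overlapping", since two differing `src` ACLs that overlap can still match. The function names and sample addresses are constructed, and `src` values are assumed to be plain addresses or CIDR blocks.

```python
import ipaddress

# Constructed sample config: lines 5 and 6 can never match, 7 and 8 can.
SAMPLE = """\
acl foo src 192.0.2.0/24
acl bar src 198.51.100.0/24
acl lan src 10.0.0.0/8
acl lab src 10.1.0.0/16
http_access allow foo bar
http_access allow foo !foo
http_access allow !foo !bar
http_access allow lan lab
"""

def parse(conf):
    """Return (acls, rules): acls maps name -> (type, values); rules is [(line_no, terms)]."""
    acls, rules = {}, []
    for n, line in enumerate(conf.splitlines(), 1):
        tok = line.split("#", 1)[0].split()
        if len(tok) >= 4 and tok[0] == "acl":
            # Repeated "acl NAME ..." lines add values to the same ACL (values are OR'd).
            acls.setdefault(tok[1], (tok[2], []))[1].extend(tok[3:])
        elif len(tok) >= 3 and tok[0] == "http_access":
            rules.append((n, tok[2:]))  # terms on one line are AND'd
    return acls, rules

def overlaps(a_vals, b_vals):
    """True if any network of one src ACL shares addresses with any network of the other."""
    a = [ipaddress.ip_network(v, strict=False) for v in a_vals]
    b = [ipaddress.ip_network(v, strict=False) for v in b_vals]
    return any(x.version == y.version and x.overlaps(y) for x in a for y in b)

def insane_rules(conf):
    """Return [(line_no, reason)] for http_access lines that can never match."""
    acls, rules = parse(conf)
    findings = []
    for n, terms in rules:
        pos = list(dict.fromkeys(t for t in terms if not t.startswith("!")))
        neg = {t[1:] for t in terms if t.startswith("!")}
        for name in sorted(set(pos) & neg):
            findings.append((n, f"{name} and !{name} on one line"))
        src = [p for p in pos if acls.get(p, ("",))[0] == "src"]
        for i, a in enumerate(src):
            for b in src[i + 1:]:
                if not overlaps(acls[a][1], acls[b][1]):
                    findings.append((n, f"src ACLs {a} and {b} are disjoint"))
    return findings

if __name__ == "__main__":
    for line_no, reason in insane_rules(SAMPLE):
        print(f"line {line_no}: {reason}")
```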
