PLZ help with access controls!

From: Igor V. Alekseev <aiv@dont-contact.us>
Date: Tue, 8 Apr 1997 16:42:44 +0400 (MSD)

Hello, people,

I really need some help from squid gurus...

Can anyone explain me the internals of how acl based access control is
working. Here is a snippet of my squid.conf:

acl IN-CEN srcdomain uniyar.ac.ru
acl YRN-1 src 193.233.48.0-193.233.55.0/255.255.0.0

http_access deny IN-CEN
http_access allow YRN-1
http_access deny !YRN-1 all

miss_access deny IN-CEN
miss_access allow YRN-1

------------------- cut here ---------------------

This does not work as intended - that is *.uniyar.ac.ru can still
connect to the cache server. Machines in *.uniyar.ac.ru have IPs from
a subset of "YRN-1"

Is there an online resource which would explain how squid's ACLs work -
the order of evaluation, what happens to an address when it satisfies/
doesn't satisfy some rules, and simply how many lines with
http_access/miss_access, etc. are allowed in the config file?

Squid is a great piece of software, but the situation with access controls
(and lack of documentation on them) makes it less pleasant to use than it
deserves to be.

Thanks in advance,

Igor V. Alekseev, Information systems expert, Yaroslavl Regional Network,
Russia.
Received on Tue Apr 08 1997 - 05:55:45 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:57 MST