[squid-users] acl order

From: Riccardo Castellani <r.castellani_at_usl6.toscana.it>
Date: Thu, 13 Aug 2009 16:30:40 +0200

If create these entries in squid.conf:

acl wwwebay dstdomain www.ebay.com
acl wwwcons dstdomain demo.consortium.com
acl emmepitre url_regex ^http://.*\.mp3
acl msnmessq req_mime_type -i ^application/x-msn-messenger$
acl msnmessp rep_mime_type -i ^application/x-msn-messenger$
acl audiosp rep_mime_type -i ^audio/wav$
acl videosp req_mime_type -i ^application/x-shockwave-flash$
acl streaming_mediap rep_mime_type ^video/x-ms-asf
acl streaming_mediap rep_mime_type ^audio/mpeg
acl streaming_mediap rep_mime_type ^audio/x-scpls
acl streaming_mediap rep_mime_type ^video/x-flv

http_access allow user2
http_access allow user3
http_access deny msnmessp
http_access deny audiosp
http_access deny videosp
http_access deny streaming_mediap
http_access allow user1 wwwebay
http_access allow user1 wwwcons
http_access deny wwwebay
http_access allow user4
...
...
...
http_access allow user100
http_access deny all
#
http_reply_access allow user2
http_reply_access allow user3
http_reply_access deny msnmessp
http_reply_access deny audiosp
http_reply_access deny videosp
http_reply_access deny streaming_mediap
http_reply_access allow all

In this case, I'd like:

user2+3 can access to everything.
User1 can access only to www.ebay.com
User4 to user 100 can access everything except msnmessp, audiosp, videosp,
streaming_mediap, wwwebay, wwwcons.

What's order on which rules are scanned from squid ?
What do you think about my schema criteria ?
Received on Thu Aug 13 2009 - 14:30:40 MDT

This archive was generated by hypermail 2.2.0 : Fri Aug 14 2009 - 12:00:02 MDT