On Fri, Sep 6, 2013 at 5:08 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> It does indeed. You are not checking the external_acl_type helper early
> enough in the request processing sequence.
>
> clientside_tos directive is processed and TOS selected before the request
> upstream destination is selected.
> always_direct is part of that upstream destination selectino processing
> which follows.
>
> You can test it in http_access like this before allowing traffic:
> http_access deny router !all
>
> this runs the helper lookup but !all is an impossible match and prevents the
> deny action happening.
>
> Alternatively, you can just stick 'router' ACL test on the end of your allow
> http_access lines.
OK. Got it working. Thanx!
Best,
Niki
Received on Sat Sep 07 2013 - 08:52:41 MDT
This archive was generated by hypermail 2.2.0 : Sat Sep 07 2013 - 12:00:03 MDT