I will try to correct your acls
> acl all src 0.0.0.0/0.0.0.0
> acl vips src 128.1.2.240/255.255.255.255
Only one VIP? No VIPs only one VIP :-)
If you want all IPs in 128.1.2.0/255.255.255.0 as VIPs you must use the
following ACLs
acl vips src 128.1.2.0/255.255.255.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl users proxy_auth REQUIRED
> acl SSL_ports port 443 563
> acl Safe_ports port 81 80 21 443 563 70 210 1025-65535
> acl CONNECT method CONNECT
> acl argo dstdomain .mark.nl
> always_direct allow mark
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
First all deny which does not depend on ip numbers or users.
> http_access allow vips
> http_access allow manager localhost
> http_access allow users
The above access control requires User Authentification.
># http_access deny manager
No use for the above access control.
> http_access deny all
> icp_access allow all
> miss_access allow all
------------------------------------------------------------------------
Stephan Sachweh, Dipl.-Inform., ExperTeam AG
Tel: +49 231 9704 221 Fax: +49 231 9704 299 Mobile: +49 171 4632098
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Wed Jan 10 2001 - 07:56:36 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:24 MST