Fedora Linux Support Community & Resources Center
  #1  
Old 23rd April 2011, 08:49 PM
merkava's Avatar
merkava Offline
Registered User
  
Join Date: Jul 2010
Location: Tabriz, Iran
Age: 23
Posts: 75
linuxubuntufirefox
Squid acls
Hi guys,

There is a line in squid default configuration:
Code:
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
acls are applied from top down, so CONNECT acl will deny access to all non SSL and SSL ports. I mean it never reaches the second access rule.
__________________
Best Regards
MERKAVA
Reply With Quote
  #2  
Old 24th April 2011, 05:18 PM
marriedto51 Online
Registered User
  
Join Date: Jul 2009
Location: England, UK
Posts: 823
linuxfedorafirefox
Re: Squid acls
It is my understanding that the ACLs at the end of "http_access deny ..." are conjoined with a logical AND, so I would read your example as "deny any match to both CONNECT and !SSL_ports". (This rule would have nothing to say about a match to SSL_ports whether or not it matches CONNECT.)
Reply With Quote
  #3  
Old 24th April 2011, 07:38 PM
merkava's Avatar
merkava Offline
Registered User
  
Join Date: Jul 2010
Location: Tabriz, Iran
Age: 23
Posts: 75
linuxubuntufirefox
Re: Squid acls
Thank you very much.
__________________
Best Regards
MERKAVA
Reply With Quote
Reply

Tags
acl, squid

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba ACLs Do they ever make sense?? johno12345 Servers & Networking 1 25th June 2007 02:32 PM
CUPs and ACLs perlguy Hardware & Laptops 6 4th June 2006 03:00 AM
NFS and ACLs clyde Servers & Networking 0 26th July 2005 11:26 PM
Using ACLs with Fedora Core 2 immerv Guides & Solutions (No Questions) 6 7th September 2004 05:06 PM


Current GMT-time: 22:05 (Wednesday, 19-06-2013)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.
Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

 FedoraForum is Powered by RedHat