Re: [squid-users] acl dstdomain, bypass authorization
acl dstdomain begin with dot followed by domain name, for your case it must be : acl 1sk dstdomain .1sk.ru --- Dmitry Melekhov <[EMAIL PROTECTED]> wrote: > Hello! > > I need to allow users access some sites without authorization. > > If I write acl: > > > acl 1sk dstdomain 1sk.ru > http_access allow our_nets 1sk > > it doesn't work > but if > > > acl 1sk dst 194.186.36.214 > http_access allow our_nets 1sk > > it works. > > our_nets is > acl our_nets src 192.168.21.0/24 192.168.22.0/24 > > > > It is not very good to have acls based on dst ip address, because it > can > be changed ;-) > Is it possible to use acl dstdomain in my situation? > > regards, Pudjo __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [squid-users] acl dstdomain, bypass authorization
Visolve Squid пишет: Dmitry Melekhov wrote: Hello! I need to allow users access some sites without authorization. If I write acl: acl 1sk dstdomain 1sk.ru http_access allow our_nets 1sk it doesn't work but if acl 1sk dst 194.186.36.214 http_access allow our_nets 1sk it works. our_nets is acl our_nets src 192.168.21.0/24 192.168.22.0/24 It is not very good to have acls based on dst ip address, because it can be changed ;-) Is it possible to use acl dstdomain in my situation? Hello, You can try with the following configuration in squid.conf acl auth_users proxy_auth REQUIRED acl page dstdomain 1sk.ru acl our_nets src 192.168.21.0/24 192.168.22.0/24 http_access allow page http_access allow auth_users our_nets Unfortunately, this doesn't work :-( squid asks for authentification
Re: [squid-users] acl dstdomain, bypass authorization
Dmitry Melekhov wrote: Hello! I need to allow users access some sites without authorization. If I write acl: acl 1sk dstdomain 1sk.ru http_access allow our_nets 1sk it doesn't work but if acl 1sk dst 194.186.36.214 http_access allow our_nets 1sk it works. our_nets is acl our_nets src 192.168.21.0/24 192.168.22.0/24 It is not very good to have acls based on dst ip address, because it can be changed ;-) Is it possible to use acl dstdomain in my situation? Hello, You can try with the following configuration in squid.conf acl auth_users proxy_auth REQUIRED acl page dstdomain 1sk.ru acl our_nets src 192.168.21.0/24 192.168.22.0/24 http_access allow page http_access allow auth_users our_nets Thanks, Visolve Squid Team www.visolve.com/squid/
