Hi, Here are my rules....
acl all src 0.0.0.0 0.0.0.0 acl manager proto cache_object acl FTP proto FTP acl localhost src 127.0.0.1/255.255.255.255 acl manstaff src 192.168.10.5 192.168.10.13 192.168.10.25 acl ftpaccess src 192.168.10.5 192.168.10.18 acl panorama src 192.168.10.0/255.255.255.0 acl allowzip urlpath_regex -i \.mp3$ \.mov$ \.mpeg$ acl nomp3 urlpath_regex -i \.mp3$ \.mov$ \.mpeg$ \.zip$ acl SSL_ports port 443 563 acl Safe_ports port 80 81 82 8000 acl Safe_ports port 21 acl Safe_ports port 443 563 acl CONNECT method CONNECT http_access deny FTP http_access allow FTP ftpaccess http_access deny allowzip http_access allow manstaff http_access deny nomp3 http_access allow localhost http_access allow panorama http_access deny all As my rules show there are relaxed restrictions on some hosts but the majority face the ACL's.. I don't understand why but all i need is for IP's 192.168.10.5 & 192.168.10.18 to have ftp access and all other hosts denied this. Can you pls help? -----Original Message----- From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] Sent: Friday, 24 October 2003 2:47 AM To: Greg Darby Cc: [EMAIL PROTECTED] Subject: RE: [squid-users] Squid & FTP On Thu, 23 Oct 2003, Greg Darby wrote: > This is the message shown.. > > Access control configuration prevents your request from being allowed at > this time. Please contact your service provider if you feel this is > incorrect. > > Generated Thu, 23 Oct 2003 10:13:35 GMT by proxy.cache.???????.com.au > (Squid/2.4.STABLE6) Then the request is denied by your http_access rules. The default http_access rules does not deny requests for ftp:// URLs, so it is hard for us to say why your rules denies the requests witout knowing your rules.. Regards Henrik Disclaimer : This email and it's attachments are confidential. If you are not the intended recipient you must not disclose, distribute or re-produce any of it's contents as it may be a breach of confidentiality. If you have received this message in error, please advise us immediatley by return email and delete the entire document. Ramelec Pty Ltd cannot guarantee the security of any information electronically transmitted across the Internet. Ramelec Pty Ltd does not accept responsibility for improper or incomplete information within this message, any delay in it's receipt and that this message is free of any known Virus. The address from which this email has been sent is strictly intended for business email only and Ramelec Pty Ltd reserves the right to monitor / alter it's contents at it's discretion. This message has been scanned for the prescence of known Virus's by Gordano's GMS Virus Protection Package.
