Hi Henrik ! I've made several tests with the statement orders..... none of them worked...
I got the feeling that the acl statement is not understood with only the IP address... Thanks for any help. Regards, Fernanda On 16 Mar 2004, Henrik Nordstrom wrote: >On Mon, 15 Mar 2004 [EMAIL PROTECTED] wrote: > >> Hello Christoph, >> >> Thanks for your reply. >> >> However, it still doesn't work..... >> >> I tried to add the subnet mask by the end of the acl line as below, but >then >> access is given to all IPs in the network: >> >> acl subgroup src 120.202.200.20/255.255.255.0 > >There should be NO netmask when specifying individual IP addresses. Only >when specifying whole networks should a netmask be used. > >120.202.200.20/255.255.255.0 == 120.202.200.0/255.255.255.0 == >120.202.200.0/24 > >(except that Squid will warn you about the first probably not being what >you intended...) > >> >> http_access allow rionet allowed_ext >> >> http_access deny rionet denied_ext morning >> >> http_access deny rionet denied_ext afternoon >> >> http_access allow rionet >> >> http_access allow localhost >> >> http_access deny all > >The key is the order of your http_access rules. > >The above says > >1. rionet is allowed to access allowed_ext >2. else denied if it is morning or afternoon and request matches denied_ext >3. else allowed > >If you want other rules of another subgroup of "rionet" you need to have >these http_access rules before this. > >Regards >Henrik > >---------- _________________________________________________________ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/