Thank you.

This works perfectly - however, in my configuration - the allow all was
specified in the section below the allowed ports.



-----Original Message-----
From: Christoph Haas [mailto:[EMAIL PROTECTED] 
Sent: 24 June 2004 12:07
To: '[EMAIL PROTECTED]'
Subject: Re: [squid-users] Access Controls

On Thu, Jun 24, 2004 at 11:38:15AM +0200, Vikesh Singh wrote:
> I have denied certain IP Addresses access to the internet.  The problem is
> that those user's need access to our intranet.  Our service provider has
> denied access to all Addresses except those that obviously come from the
> proxy.  The user's access is denied when trying to access the intranet.
Can
> you specify that certain sites be allowed within squid?  Please assist.

Why don't you use two ACLs?

1. Allow access to the intranet (e.g.: acl intranet dst 10.0.0.0/8)
   -> http_access allow intranet
2. Disallow access for the "certain IPs" (e.g.: acl specific src ...)
   -> http_access deny specific
3. Allow the rest all access
   -> http_access allow all

 Christoph

-- 
~
~
".signature" [Modified] 3 lines --100%--                3,41         All

Reply via email to