On 5/10/07, Vadim Pushkin <[EMAIL PROTECTED]> wrote:
I am trying to modify my ACL to prevent a specific IP address within a range
already defined in http_access and acl.
Where within this do I state *not* (!) 192.168.1.200?
acl NET_ONE src 192.168.0.0/16
or
http_access allow NET_ONE
I think you will have to define a new acl such as:
acl deniedips src 192.168.1.200
and then make the following entry immediately *before* 'http_access
allow NET_ONE' :
http_access deny deniedips
Rules are processed in order of appearance in the list, first to last.
Chris