My apologies...I misinterpreted what you said. I thought you meant "deny" should not be used at all....
----- Original Message ----- From: Amos Jeffries Date: Monday, November 17, 2008 9:33 pm Subject: Re: [squid-users] acl deny versus acl allow? To: Jeff Gerard Cc: squid-users@squid-cache.org > Jeff Gerard wrote:<BR>> > Can you clarify this? I have looked through the FAQ > and there > is plenty of reference to using "deny" and I can't see any > mention of replacing "deny" with "allow". > > > > You can write either: > http_access deny something > or > http_access allow something > > not both on the same line. > > To quote straight from that FAQ page: > " > Q: How do I allow my clients to use the cache? > A: Define an ACL that corresponds to your client's IP addresses. > Next, allow those clients in the > http_access list. > > For example: > acl myclients src 172.16.5.0/24 > http_access allow myclients > " > > and more relevant to your stated example: > > " > Q: How do I implement an ACL ban list? > A: ..., Another way is to deny access to specific servers which > are > known to hold recipes. > > For example: > acl Cooking2 dstdomain www.gourmet-chef.com > http_access deny Cooking2 > http_access allow all > " > > Amos > > > Thanks > > > >> The word 'deny' is fully replaced with the word > 'allow'. > > >> Please read and understand the FAQ on ACL before continuing > with > >> your > >> testing: > >> http://wiki.squid-cache.org/SquidFaq/SquidAcl > >> > >> Amos > >> -- > >> Please be using > >> Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10 > >> Current Beta Squid 3.1.0.2 > >> > > > > --- > > Jeff Gerard > > > -- > Please be using > Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10 > Current Beta Squid 3.1.0.2 > --- Jeff Gerard
