[squid-users] Order of http_access allow/deny

Andreas.Reschke at mahle.com Andreas.Reschke at mahle.com
Wed Feb 4 11:19:09 UTC 2015


Hi there,
Is there a order of http_access allow/deny? If I activate "http_access 
deny !chkglwebhttp" nobody can use the proxy, squid allways ask for user 
and password (user and password is correct)

######
acl chkglwebhttp external LDAPLookup GGPY-LO-Web-Http
acl sellingUser external LDAPLookup GGPY-LO-Web-Allowed-Selling
acl socialUser external LDAPLookup GGPY-LO-Web-Allowed-Social
acl allforbUser external LDAPLookup GGPY-LO-Web-Allowed-All
acl ftpputUser external LDAPLookup GGPY-LO-Web-Ftp-Put
acl loggingUser external LDAPLookup GGPY-LO-Web-Log-User
acl auth proxy_auth REQUIRED
acl permitt_ips src 10.143.10.247/32
acl FTP proto FTP
acl PUT method PUT

# whitelisten
http_access allow open-sites all
http_access allow localhost
http_access allow permitt_ips !denied-sites !social-sites
http_access allow indien DAY
http_access deny indien
#http_access deny !chkglwebhttp
http_access allow selling-sites sellingUser
http_access allow social-sites socialUser

http_access allow denied-sites allforbUser
http_access deny denied-sites all

http_access allow FTP PUT
http_access deny FTP PUT

http_access allow all auth
http_access allow auth

http_access deny all
######

Mit freundlichen Grüßen / Kind regards

Mr. Andreas Reschke
andreas.reschke at mahle.com, http://www.mahle.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150204/bf11cc29/attachment-0001.html>


More information about the squid-users mailing list