[squid-users] TCP Outgoing Address ACL Problem
Garri Djavadyan
garryd at comnet.uz
Sat Nov 12 07:50:26 UTC 2016
On 2016-11-12 07:55, Amos Jeffries wrote:
> On 12/11/2016 7:44 a.m., Garri Djavadyan wrote:
>>
>> 2. I added second http_port, ACL for the second http_port and the rule
>> to use second IP address if connection is for second http_port.
>> # diff -u etc/squid.conf.default etc/squid.conf
>> --- etc/squid.conf.default 2016-10-28 15:54:53.851704360 +0500
>> +++ etc/squid.conf 2016-11-11 23:18:48.654385840 +0500
>> @@ -23,6 +23,7 @@
>> acl Safe_ports port 591 # filemaker
>> acl Safe_ports port 777 # multiling http
>> acl CONNECT method CONNECT
>> +acl port3129 localport 3129
>>
>
> FYI Garri, "localport" value varies depending on the traffic mode. It
> is
> not necessarily the Squid receiving port.
Yes, you are right. I used it for simplicity's sake and the
configuration permits it.
> 'jarret+squid-users' is already using "myportname" ACL which is the
> better one to use for this.
I thought the string 'acl ipv4-1 myportname 3128 src 10.99.0.0/24' was
interpreted as:
acl ipv4-1 myportname "3128 src 10.99.0.0/24"
So, I wrongly assumed that the ACL was not matched. If fact it is
matches. Thanks for pointing out my mistake!
Garri
More information about the squid-users
mailing list