[squid-users] limit access with acl only based on source and destination domain
Amos Jeffries
squid3 at treenet.co.nz
Fri May 5 10:57:58 UTC 2017
On 05/05/17 16:23, Blaxton wrote:
> > acl From_Source_Domains srcdomain domain1 domain2 domain3
> > acl To_Destination_Domains dstdomain domain4 domain5 domain6
>
> if:
> > http_access allow From_Source_Domains
> or, if:
> > http_access allow To_Destination_Domains
> or, deny all
>
> According to your answer, if these are ORed, first http_access should
> allow connection to everywhere from domain1,domain2,domain3
> Second http_access allow connections to from everywhere.
>
>
> Is above statement correct ?
What I mean is Squid performs these in this exact order:
The first line is checked.
If From_Source_Domains matches the traffic is allowed.
Otherwise the second line gets checked.
If To_Destination_Domains matches, the traffic is allowed.
Otherwise the traffic is denied.
Amos
More information about the squid-users
mailing list