[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

squid

Здравствуйте
есть сетка 10.5.130.0/24 Нужно сделатьдоступ для групп internet и
allwhatyouwant
и запрет для всех остальных

http_port 4480
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 901
acl purge method PURGE
acl CONNECT method CONNECT

acl in_net src 10.5.130.0/255.255.255.0

acl internet src dankin.internal.irc.gazprom.ru.
acl internet src stavkin.internal.irc.gazprom.ru.
acl internet src feofanov.internal.irc.gazprom.ru.
....................................

acl local-servers dstdomain internal.irc.gazprom.ru
acl media-files urlpath_regex -i \.mp3$
acl media-files urlpath_regex -i \.mpeg$
acl media-files urlpath_regex -i \.mpg$
acl media-files urlpath_regex -i \.avi$
acl media-files urlpath_regex -i \.wmf$

acl allwhatyouwant src senkov.internal.irc.gazprom.ru.
..................................

#http_access deny all
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
http_access allow localhost
http_access allow internet (нужен доступ)
http_access allow allwhatyouwant (нужен доступ)
http_access deny media-files
http_access allow in_net
http_access deny all
icp_access allow all

если делаю запрет на in_net нет доступа и для группы internet
Подскажите где ошибка
Заранее благодарю
Николай
Reply to: