OK so no one can tell me how to connect PC clients to POP3 or IMAP which are known to be running on a linux box. I now want to restrict access to squid on the linux box from room K13 and included the line acl roomK13 src 1.0.131.131-1.0.131.159/16 http_access deny roomK13 The netmask for my network is 255.255.0.0 and I only want to prevent access in the range given. Squid complains I have masked my IP part and ignores the acl. -- Alan Davies Head of Computing Birkenhead School
--- Alan Davies
OK so no one can tell me how to connect PC clients to POP3 or IMAP which are known to be running on a linux box.
I now want to restrict access to squid on the linux box from room K13 and included the line
acl roomK13 src 1.0.131.131-1.0.131.159/16
http_access deny roomK13
That looks OK, to me. I'm sure this has been mentioned on this list before...
The netmask for my network is 255.255.0.0 and I only want to prevent access in the range given.
Squid complains I have masked my IP part and ignores the acl.
That's Odd. Is that *all* squid is telling you? You did do: `` squid -k reconfigure '' after you made the updates? You'd have to paste a portion of you squid logfile for me to be able to help you further. -- Thomas Adam ===== Thomas Adam "The Linux Weekend Mechanic" -- http://linuxgazette.net "TAG Editor" -- http://linuxgazette.net ________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://mail.messenger.yahoo.co.uk
On Fri, 7 Nov 2003, Alan Davies wrote:
I now want to restrict access to squid on the linux box from room K13 and included the line
acl roomK13 src 1.0.131.131-1.0.131.159/16
This is wrong. When specifying IP ranges like this, you need to use a netmask of /32 on the end, otherwise it doesn't make sense to Squid (the /32 denotes that they're all individual IP addresses, rather than a large block). So, your acl line should read acl roomK13 src 1.0.131.131-1.0.132.159/32 Alternatively, you can use the IP/Netmask notation, so your line would read: acl roomK13 src 1.0.131.128/27 This will take all IP addresses between 1.0.131.128 and 1.0.132.159 into the roomK13 ACL.
http_access deny roomK13
This is fine :) Dan
participants (3)
-
Alan Davies
-
Dan Kolb
-
Thomas Adam