Squid acls... - openSUSE Edu - openSUSE Mailing Lists

newer
Rekall and associated software

Squid acls...

older
Novell buys SuSE

Alan Davies

7 Nov 2003 7 Nov '03

17:39

OK so no one can tell me how to connect PC clients to POP3 or IMAP which are known to be running on a linux box. I now want to restrict access to squid on the linux box from room K13 and included the line acl roomK13 src 1.0.131.131-1.0.131.159/16 http_access deny roomK13 The netmask for my network is 255.255.0.0 and I only want to prevent access in the range given. Squid complains I have masked my IP part and ignores the acl. -- Alan Davies Head of Computing Birkenhead School

Reply

Sign in to reply online Use email software

Show replies by thread

Thomas Adam

7 Nov 7 Nov

17:53

New subject: [suse-linux-uk-schools] Squid acls...

--- Alan Davies wrote:

OK so no one can tell me how to connect PC clients to POP3 or IMAP which are known to be running on a linux box.

I now want to restrict access to squid on the linux box from room K13 and included the line

acl roomK13 src 1.0.131.131-1.0.131.159/16

http_access deny roomK13

That looks OK, to me. I'm sure this has been mentioned on this list before...

The netmask for my network is 255.255.0.0 and I only want to prevent access in the range given.

Squid complains I have masked my IP part and ignores the acl.

That's Odd. Is that *all* squid is telling you? You did do: `` squid -k reconfigure '' after you made the updates? You'd have to paste a portion of you squid logfile for me to be able to help you further. -- Thomas Adam ===== Thomas Adam "The Linux Weekend Mechanic" -- http://linuxgazette.net "TAG Editor" -- http://linuxgazette.net ________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://mail.messenger.yahoo.co.uk

Reply

Sign in to reply online Use email software

Dan Kolb

17:56

New subject: [suse-linux-uk-schools] Squid acls...

On Fri, 7 Nov 2003, Alan Davies wrote:

I now want to restrict access to squid on the linux box from room K13 and included the line

acl roomK13 src 1.0.131.131-1.0.131.159/16

This is wrong. When specifying IP ranges like this, you need to use a netmask of /32 on the end, otherwise it doesn't make sense to Squid (the /32 denotes that they're all individual IP addresses, rather than a large block). So, your acl line should read acl roomK13 src 1.0.131.131-1.0.132.159/32 Alternatively, you can use the IP/Netmask notation, so your line would read: acl roomK13 src 1.0.131.128/27 This will take all IP addresses between 1.0.131.128 and 1.0.132.159 into the roomK13 ACL.

http_access deny roomK13

This is fine :) Dan

Reply

Sign in to reply online Use email software

7474

Age (days ago)

7474

Last active (days ago)

Download

2 comments

3 participants

tags

participants (3)

Alan Davies
Dan Kolb
Thomas Adam