> I think i went for wrong option of manager acl.. forgot the manager acl for this > requirement. > I have tested for this requirement. > > Check this setting: > > acl test src client-ip-address/32 > > Before http_access allow all give as > http_access deny test > > Test: > > Comment as > #http_access deny test > http_access allow all > > Browse any url's > > Test with > http_access deny test > http_access allow all > > squid -k reconfigure > Now you will get denial message!! So you denied that access to that ACL > > So the need for the close_connections TAG is not needed at this point. > > > Will it close connections for bad_ip during reconfigure? Because even "http_access > > deny bad_ip" - do not close connections for > bad_ip! > > For other acl's we have to block the GET method too.. > > acl ban1 dstdom_regex .google.com > acl get method GET > #http_access deny get ban1 > http_access allow all > > We can remove the access by > acl ban1 dstdom_regex .google.com > acl get method GET > http_access deny get ban1 > http_access allow all > squid -k reconfigure > > I hope your requirement is fully related to the acl setting ,methods and http_access > setting at all.
:) I think i should explain situation on example. i have some user (1st step): acl usver src 1.2.3.4 http_access allow usver This "usver" can browse internet, than he installs ICQ over http via squid. i do this (2nd step): acl usver src 1.2.3.4 # no changes # http_access allow usver - comment this http_access deny usver After 2nd step "usver" can't browse internet anymore, BUT ICQ still works!!! And I can close ICQ connection for "usver" only by "squid -k shutdown" (restarting squid). "squid -k reconfigure" keeps ICQ connection alive for him! But shutting down squid close connections (ICQ, downloading) for ALL users. I need to close connections selectively - ONLY for some group of users (ACL). How?
