Hi, On Tue, Apr 07, 2009 at 11:05:16AM +0300, John Doe wrote: > Hi > > >> For some reason > >> acl stunnel src 10.0.0.0/8 doesn't seem to work (with version > 1.3.15.8). > > > >That's not expected at all. Are you sure you were not mixing up with > another > >problem ? Could you please retest with 1.3.17 ? > > I did the re-test using 1.3.17 and I can confirm that the following > configuration doesn't function as expected (i.e. the traffic is not > redirected into https): > acl stunnel src 10.0.0.0/8 > redirect prefix https://10.0.0.220 unless stunnel > > but this works OK: > acl stunnel src 10.0.0.220/32 > redirect prefix https://10.0.0.220 unless stunnel > > No other modifications were made. Hope you can sort it out even though it is > no biggie for me.
Well, I have tried here and it works as expected for me with /8 : if the source is any address in 10.0.0.0/8, it is not redirected, otherwise it is. Maybe your clients are local and in 10.0.0.0/8 too ? Willy