Hello Andy,
Thursday, June 07, 2001, 4:49:49 PM, you wrote:
AI> On Thu, 7 Jun 2001 17:35:39 +0500
AI> Serge Lisin <[EMAIL PROTECTED]> wrote:
>> Thursday, June 07, 2001, 3:03:11 PM, you wrote:
>>
>> AI> use server wide directive 'connect_from <ip-addr>;'
>> ���������� � ������ �������. �� ��������.
>> ��� �������� � �2, ����� CONNECT - � �1.
AI> " - �� ����� ��� ������������� ���� ���������� � ����������.
AI> - � �� ���?
AI> - � �� ������� �������!"
AI> ���������, ������. :)
��� ����� �������:
acl CONNECT method CONNECT
acl ADMIN_HOST src_ip ...
acl LOCAL_DEST dstdom dor.ru dor.inside
acl ICQ dstdom include:/usr/local/etc/oops/icq
acl ALL_DEST dstdom *
acl LOCAL_NETWORKS src_ip include:/usr/local/etc/oops/acl_local_networks
acl ADMINS src_ip 127.0.0.1
acl PURGE method PURGE
bind_acl a2 ALL_DEST
connect_from a2
group icq
{
networks_acl LOCAL_NETWORKS ICQ;
badports [0:79],110,138,139,513,[6000:6010] ;
connect_from a2
http
{
allow dstdomain *;
}
}
group admin
{
networks_acl ADMIN_HOST ALL_DEST !ICQ;
badports [0:79],110,138,139,513,[6000:6010] ;
redir_mods redir;
http
{
allow dstdomain *;
}
}
group localdor {
networks_acl LOCAL_NETWORKS !ADMIN_HOST LOCAL_DEST !ICQ;
badports [0:79],110,138,139,513,[6000:6010] ;
miss allow;
redir_mods redir;
http {
allow dstdomain * ;
}
}
group dor {
networks_acl LOCAL_NETWORKS !LOCAL_DEST !ADMIN_HOST !ICQ;
badports [0:79],110,138,139,513,[6000:6010] ;
miss allow;
auth_mods pam;
redir_mods redir;
http {
allow dstdomain * ;
}
}
group world {
networks 0/0;
badports [0:79],110,138,139,513,[6000:6010];
http {
deny dstdomain * ;
}
icp {
deny dstdomain * ;
}
}
� /usr/local/etc/oops/icq ���������� ������ ICQ-��������, �� ��������
� ��� ���-����� ���� � ������ a1
--
Best regards,
Serge mailto:[EMAIL PROTECTED]
=====================================================================
If you would like to unsubscribe from this list send message to
[EMAIL PROTECTED] with "unsubscribe oops" in message body.
Archive is accessible on http://www.paco.net/oops/
