-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Purely a shot in the dark, but shouldn't you have http_access deny blocked just above http_access deny all? i.e. http_access allow localhost http_access deny !safe http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow remotes http_access deny blocked http_access deny all
Just guessing... I haven't used squid in years :) Good luck!
Grishnav wrote: | Hosts in blocked should be blocked, but they aren't. What am I missing? | | (And yes... "http_access allow remotes" is a stupid acl, but it works | without modifying the interface software.) | | acl localnet src 192.168.0.0/255.255.255.0 | acl all src 0.0.0.0/0.0.0.0 | acl localhost src 127.0.0.1/255.255.255.255 | acl remotes src 192.168.0.0/255.255.0.0 | acl blocked src 102.168.0.13/255.255.255.255 | | acl SSL_ports port 445 443 441 563 | acl safe port 80 | acl safe port 81 | acl safe port 21 | acl safe port 445 443 441 563 | acl safe port 70 | acl safe port 210 | acl safe port 1025-65535 | acl safe port 280 | acl safe port 488 | acl safe port 591 | acl safe port 777 | acl CONNECT method CONNECT | | http_access allow localhost | http_access deny !safe | http_access deny CONNECT !SSL_ports | http_access deny blocked | http_access allow localnet | http_access allow remotes | http_access deny all | | | _______________________________________________ | PDXLUG mailing list | [EMAIL PROTECTED] | http://pdxlug.org/mailman/listinfo/pdxlug -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (MingW32)
iD8DBQFBZWZ28SyNUqEG5J0RAst9AJ97KtD6MfRhgVidIHdWWRH0aPYeBACffWgX aBiFuSdoGuj4aWUgJ1PvofM= =mE5r -----END PGP SIGNATURE----- _______________________________________________ PDXLUG mailing list [EMAIL PROTECTED] http://pdxlug.org/mailman/listinfo/pdxlug
