[EMAIL PROTECTED] wrote:
>
> It is better to reverse the order
> first use deny and then use allow.
It depends a bit on what you want to do. In this particular case neither
order is correct as it should be turned on the side.
Remember what I have said to many times already: ACL processing is done
top->down and the first access line that fully matches the request says
if it is allow or deny.
On each access line the ACL lists are parsed left->right and careful
ordering and of ACL names in a access line can have great importance on
ACL processing performance, especially if huge regexp lists is involved.
Determining the optimal order is not always obvious.
---
Henrik Nordstrom
Spare time Squid hacker
