the game I’m looking for may be complex a bit .

well here is the game :


i have squid ruling on IPV6 and 1 ipv4 

so i have an ipv4  1.1.1.1 address which go to null 0 network  which mean a 
fake route .

buy that i prevent the IPV4 websites from loading .
so  above is sufficient for that :


>> acl ip1 myip 12.58.120.72
>> tcp_outgoing_address 1.1.1.1 ip1



but sometimes i want to allow the IPV4 websites but for certain source of ips 
but i cant match the src ip address with the acl “myip” so that some ips get 
ipv6 websites only and other get both ipv4/ipv6 


thats why i posted the question , I’m sure amos u will give me magical solution 
next post :)



> On Aug 6, 2017, at 3:38 PM, Amos Jeffries <squ...@treenet.co.nz> wrote:
> 
> On 06/08/17 22:17, --Ahmad-- wrote:
>> he folks
>> =======
>> i have acl as  :
>> acl ip1 myip 12.58.120.72
>> tcp_outgoing_address 1.1.1.1 ip1
>> but ACL above will match all src ip addresses .
> 
> No. It will only match traffic where the "myip" value is 12.58.120.72. It has 
> nothing to do with the TCP src-IP.
> 
> 
>> the game i want is i just need to allow the from  src specific ip address to 
>> match the acl above .
>> so what i want to do is :
>> acl hhh src 12.58.70.10/32
>> and  tcp_outgoing_address 1.1.1.1 ( if the src was  12.58.70.10 matching the 
>> ip  12.58.120.72 )
> 
> Do you mean to detect traffic from the 12.58.70.10/32 going to dst-IP 
> 12.58.120.72 ?
> 
> Or do you mean to detect traffic from the 12.58.70.10/32 going to squid-IP 
> 12.58.120.72 ?
> 
> 
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to