On Mon, 12 Jan 2004, Payal Rathod wrote: > Hi, > Can someone please correct me if I am wrong? > Setup - allow client 192.168.10.19-192.168.10.21 only some sites. > > acl clients1 192.168.10.19 192.168.10.20 192.168.10.21 > acl allowed dst http://staticky.com www.gnu.org > acl not_allowed dst 0.0.0.0 > http_access allow allowed clients1 > http_access deny not_allowed clients1 > > Is this ok?
The principle is correct, but there is some small errors: a) allowed should be a dstdomain acl type. and the first element it not correct. I think you want acl allowed dstdomain .staticy.com .gnu.org b) not_allowed is not required and not correctly specified (should have a /0 netmask if this acl is specified). I would suggest deleting this ACL entirely. Regards Henrik
