Michael Bhola wrote: > My question is regarding the behaviour of the acls when ident isn't > recognised. In the config below, because adults isn't valid, it seems to > just ignore that acl and allow based on homenet.
> Is it possible to change my configuration in some way so that any acl > with an error is ignored completely or some other way of setting things > up so that it fails safe ? > http_access allow homenet adults > http_access allow homenet children safe_domain > http_access allow localhost > http_access deny all Change the above http_access lines so that the ident acls aren't combined with anything else. Something like this should work: http_access allow localhost http_access deny !homenet http_access allow adults http_access deny !safe_domain http_access allow children http_access deny all Adam
