On Wed, 15 Dec 2004, Boniforti Flavio wrote:
http_access allow CED UtentiAutorizzati http_access allow our_networks http_access allow localhost http_reply_access deny block_stream http_reply_access deny streaming http_access deny all
Now, I need to allow our users to access ".rm" files which reside on a specific web server, which I know by its IP address.
Now, I added:
acl SERVER dst 12.34.56.78
and was trying to figure out how to write the "access" line.
http_access allow SERVER block_stream streaming
You should use
http_reply_access allow SERVER
before your http_reply_access deny ...
My question is: is it possible (and if yes, *how*) to merge different access rules (http_access and http_reply_access)?
No. The two are completely separate from each other and executes at different points in time.
http_access executes when Squid has received the request from the browser, before it is forwarded to the web server.
http_reply_access executes when Squid has received the reply from the web server (or cache).
Ordering is relevant within each directive only. The following configurations are all equivalent:
http_access allow a b c http_reply_access allod d e f http_access allow x y z http_reply_access allow t x z
or
http_reply_access allod d e f http_reply_access allow t x z http_access allow a b c http_access allow x y z
or even
http_reply_access allod d e f http_reply_access allow t x z http_access allow a b c http_access allow x y z
Regards Henrik
