On Tue, 2009-02-10 at 10:22 +0700, Ronny Haryanto wrote: > 2009/2/10 Nyoman [D] <nyo...@royalperspective.com>: > > Yang request IP 192.168.83.124 ke domain fourseasons.com > > Isi file /etc/squid/limited_users.lst ada di sini pak : > > http://pastebin.com/m63c377be (tidak ada IP 192.168.83.124) > > > > Isi file /etc/squid/black_domains.acl ada di sini: > > http://pastebin.com/m69c6f8e0 (tidak ada domain fourseasons.com) > > > > Ini salah satu lognya: > > 1234168022.739 6 192.168.83.124 TCP_DENIED/403 1700 GET > > http://www.fourseasons.com/ - NONE/- text/html > > 1234168022.868 7 192.168.83.124 TCP_DENIED/403 1722 GET > > http://www.fourseasons.com/favicon.ico - NONE/- text/html > > Kalo gitu kemungkinan besar sudah match ke salah satu rule deny yg di > atasnya, belum sampe ke baris yg ada sunsetnya. First match wins, > sisanya tidak dilihat lagi. Kan di atasnya sunset itu masih ada rule > deny yg lain, belum tentu TCP_DENIED di situ berarti match yg deny all > (yg membuat anda berpikir sunsetnya diignore). Sunsetnya diignore cuma > kalo ada match duluan di atasnya. > > Ronny >
Ehmm... makanya saya bingung pak :) Padahal urutan http_access di atasnya cuma ada 3 deny ads porn dan proxy padahal dari ketika list itu nggak ada domain fourseasons.com # Defaul http_access http_access allow localhost http_access deny manager http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow white_domains http_access allow officedom http_access deny ads http_access deny porn http_access deny proxy #http_access deny black_doms http_access allow im2 http_access allow tm_karma http_access allow karma http_access allow resorts http_access allow villa http_access allow router http_access allow sub11 #http_access deny black_doms XTIME !ZTIME http_access allow unlimited !black_doms http_access deny limited !rci_domain !white_domains XTIME http_access allow sunset !black_doms http_access allow flybuys http_access allow square http_access allow pmc http_access allow sales http_access allow estate #http_access allow rci_only rci_domain #http_access allow limited white_domains #http_access deny black_users http_access deny all Kayaknya ntar malam harus ditelusuri lagi dengan cara comment 1 per 1 bagian http_access deny nya deh Thanks Nyoman
signature.asc
Description: This is a digitally signed message part