I want to deny all URL beginning by iso, in squid 3.2.3
So, I've put in squid.conf:
acl torrent_sites dstdom_regex -i iso
acl music_sites dstdom_regex -i music
and my http control like:
http_access allow localhost
http_access allow localnetp1
http_access deny torrent_sites localnetp1
http_access deny music_sites
http_access deny ftp_request
http_access deny localnetp1 norm_conn
http_access deny all
but i can enter to the page isohunt.com, why?
Best Answer
Rules are processed in order. Once an
http_access allow
has been reached processing stops and the connection is permitted. What is thelocalnetp1
ACL doing? Does that happen to be asrc
acl with a list of all your IP addresses perhaps?Your rules generally be ordered like thisgo