On Thu, 8 Jul 2004, Michael Gale wrote: > Hello, > > I have the following ACL's: > > ##### Protocol restrictions > acl goodhttp proto HTTP > acl goodftp proto FTP > acl goodhttps proto CONNECT > http_access deny !goodhttp httpstand_ports > http_access deny !goodftp ftpstand_ports > http_access deny !goodhttps SSL_ports
Shouldn't this be http_access deny goodhttp !httpstand_ports i.e. deny HTTP access to no-HTTP ports, not deny non-HTTP access to HTTP ports. > ##### Methods and browsers > acl goodmethod method GET > acl goodmethod method HEAD > acl goodmethod method POST > http_access deny !goodmethod httpstand_ports > > Which should only allow HTTP GET and POST request. I used lftp setting it to use > squid for ftp connections and was able > to upload a file. Now the cache.log says it was ALLOWED but the access.log shows a > error ... the file was upload > successfully. The above says nothing about FTP uploads. It only limits the methods allowed when accessing httpstand_ports (this I presume does not include the FTP port). jI think you want something like acl goodhttpmethod method GET HEAD POST acl deny goodftp !goothttpmethod [repeat for each protocol] Regards Henrik
