fix acl bug

lexrus · Sep 5, 2015 · ddc4f80 · ddc4f80
1 parent 7dc1acd
commit ddc4f80
Showing 1 changed file with 3 additions and 5 deletions.
diff --git a/roles/squid-root/templates/squid.conf b/roles/squid-root/templates/squid.conf
@@ -11,13 +11,11 @@ cache_dir ufs /var/spool/squid3 1024 16 256
 {% endif %}
 
 acl to_localhost dst 127.0.0.0/8
-{% for item in private_networks %}
-acl to_private_network dst {{ item }}
-{% endfor %}
+http_access deny to_localhost
 
-http_access deny !to_localhost
 {% if squid_deny_private_network_dest %}
-http_access deny !to_private_network
+acl to_private_network dst {% for item in private_networks %} {{ item }} {% endfor %}  
+http_access deny to_private_network
 {% endif %}
 
 {% if squid_require_auth %}