Unverified Commit daeeb033 authored by Mattia Rizzolo's avatar Mattia Rizzolo
Browse files

cs16/squid: correctly allow only the /24 subnet of the 192.168.101.0 network 



the notation previously used would have allowed the whole /16, despite a
single address being specified.

This was also causing warnings:

2018/10/09 06:25:09| aclIpParseIpData: WARNING: Netmask masks away part of the specified IP in '192.168.101.16/16'

Signed-off-by: Mattia Rizzolo's avatarMattia Rizzolo <mattia@debian.org>
parent 53ab78ff

hosts/codethink-sled16-arm64/etc/squid/squid.conf

+2 −1
Original line number Diff line number Diff line
@@ -974,7 +974,8 @@ 
# should be allowed

acl localnet src 10.0.0.0/8	# RFC1918 possible internal network

#acl localnet src 172.16.0.0/12	# RFC1918 possible internal network

acl localnet src 192.168.101.16/16	# RFC1918 possible internal network

#acl localnet src 192.168.0.0/16	# RFC1918 possible internal network

acl localnet src 192.168.101.0/24 # private network between the codethink nodes

#acl localnet src fc00::/7       # RFC 4193 local private network range

#acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines