请问Linux 锁了上网80 port,如何开放一组目的地ip出去!

f7112345

请问各位高手 小弟我刚接手的Linux CentOS-5.3 有用proxy 限制上网锁80 port , 但公司新系统需要传简讯验证码出去(简讯验证码走的也是80 port),我要怎么开放针对 简讯公司(目的地)的ip 都出的去.

以下是公司的 proxy 设定 ,
设定档内容:
acl all src 0.0.0.0/0.0.0.0
acl all_pass_ip src "/etc/squid/setting/all_pass_ip"
acl callcenter_leader_ip src "/etc/squid/setting/squid.superallow.hosts"
acl basic_user_ip src "/etc/squid/setting/squid.allow.hosts"
acl yushun_ip src "/etc/squid/setting/yushun_user_ip"

acl denytimes time "/etc/squid/squid.deny.times"
acl morning time 9:30-12:00
acl afternoon time 14:00-18:00

acl allurl dstdomain "/etc/squid/squid.allurl"
acl whilefile urlpath_regex -i "/etc/squid/squid.allow.whilefile"
acl whileurl dstdomain "/etc/squid/squid.allow.whileurl"
acl blockfile urlpath_regex -i "/etc/squid/squid.deny.blockfile"
acl superblockurl dstdomain "/etc/squid/squid.superdeny.blockurl"
acl blockurl dstdomain "/etc/squid/squid.deny.blockurl"
acl yushunurl dstdomain "/etc/squid/setting/squid.yushundeny.blockurl"
acl lanurl dstdomain "/etc/squid/setting/lanurl

acl localhost src 127.0.0.1/255.255.255.255

acl Safe_ports port 80 # http
acl SSL_ports port 443
#acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
##############################################################################
http_access allow localhost

http_access allow all_pass_ip
http_access allow basic_user_ip lanurl
http_access deny yushunurl
http_access allow yushun_ip
http_access deny superblockurl
http_access allow callcenter_leader_ip

http_access allow whilefile
http_access allow whileurl
http_access deny denytimes
http_access deny blockfile
http_access deny blockurl

http_access allow basic_user_ip

http_access deny all


我想开放一组目的地ip 210.68.77.234 可以到 , 所以在 squid.allow.hosts 新增了一組ip.
但squid 重启之后 出现下面的错误 讯息,而且也到不了.
请问我该如何 正确的 开放一组目的地ip 210.68.77.234 可以到.


[root@localhost setting]# service squid restart
正在停止 squid: 2010/09/15 14:25:51| WARNING: '210.68.77.234' is a subnetwork of '210.68.77.234'
2010/09/15 14:25:51| WARNING: because of this '210.68.77.234' is ignored to keep splay tree searching predictable
2010/09/15 14:25:51| WARNING: You should probably remove '210.68.77.234' from the ACL named 'basic_user_ip'
2010/09/15 14:25:51| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '210.68.77.234/24'
2010/09/15 14:25:51| WARNING: '210.68.77.234' is a subnetwork of '210.68.77.0/255.255.255.0'
2010/09/15 14:25:51| WARNING: because of this '210.68.77.0/255.255.255.0' is ignored to keep splay tree searching predictable
2010/09/15 14:25:51| WARNING: You should probably remove '210.68.77.234' from the ACL named 'basic_user_ip'
................ [ 确定 ]
正在启动 squid: . [ 确定 ]

感谢各位高手看完. 有人能帮我解答吗? 谢谢.