LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Squid, Limited Service (http://www.linuxquestions.org/questions/linux-networking-3/squid-limited-service-498467/)

sarmadys 11-03-2006 11:00 PM

Squid, Limited Service
 
Hello,

I need to configure a squid which is intended to allow access to only 1 specific website. (this proxy is open to all internal network users and we are going to use it to access to a specific portal only).

Below config allows users to browse every website:

acl ourportal urlpath_regex www.ourportal.com
acl our_networks src 10.10.0.0/16
http_access allow ourportal
http_access allow our_networks

Now how can I limit access to just this specific website?

I appereciate your help.

Regards,
Mac

acid_kewpie 11-04-2006 03:46 AM

just put "http_access deny all" on the end to block everything else. assuming "all" is already defined as 0.0.0.0/0 which it should be. also the two access lines you already have there are probably best as a single one, that could actually be what you're having a problem with. that says allow anyone to ourportal or our_networks to go anywere. if you combine them on one line it becomes a logical AND not an OR, i.e allow our_networks to go to ourportal, yeah?

sarmadys 11-05-2006 11:11 PM

There is already a "http_access deny all" at the end of those commands (I had not listed it).


acl ourportal urlpath_regex www.ourportal.com
acl our_networks src 10.10.0.0/16
http_access allow ourportal
http_access allow our_networks
http_access deny all

I tried to combine lines 3 & 4 into one line by "http_access allow ourportal our_networks" but it does not allow access to any website including my desired websites.

Any hints please?

acid_kewpie 11-06-2006 02:35 AM

i think you're using the wrong regex, that matches against the entire url, try using dstdom_regex if you do want a regex, but it looks more like just using dstdomain would be more suitable as you aren't making any use fo the regex functionaltiy: http://www.visolve.com/squid/squid24...s_controls.php

sarmadys 11-06-2006 06:22 AM

Thank you very much. This fixed the problem.

acl ourportal dstdomain .ourportal.com
acl our_networks src 10.10.0.0/16

http_access allow our_networks ourportal
http_access deny all

Regards,
Mac


All times are GMT -5. The time now is 07:05 AM.