Hi..Satyaveer Arya and linuxlover.chaitanya.
in squid.conf file I had already added the entry as
acl deniedsites dstdomain "/etc/squid3/.denied_sites"
http_access deny deniedsites"
#and so on
This was blocking for only http sites
not for https sites.
So then I tried
acl facebook dstdomain .facebook.com
http_reply_access deny facebook # for http
http_access deny CONNECT facebook # for https
Since my manager had told me to block facebook at all time I didn't mention that as from what time to what time it should be blocked. So I just added the entry to be blocked at all time. But found since squid is http proxy and since we are using transparent squid proxy, now also it was unable to block https://facebook.com
and it was blocked for only http://facebook.com
. So again people started with https://facebook.com
At last I could achieve to block https://facebook.com
using IPTables FORWARD
rules. Then I found, none of the users were able to open https://facebook.com
even after multiple tries and even if they try to access with different browser.
Today I came to know that again they are using 3rd party softwares like ultrasurf on windows!!!
and one more software(I forgot the name, I will let you know once I reached to office, and I also already checked with that software on linux and found both http://facebook.com
is opening only if that software service is started and only with aurora broweser but not with any other browser.) on linux to bypass proxy/firewall!!!
I hope I can block this also using IPTables rules if I could not again I will come and request linuxquestions.org because this is the only one site that always you all are helping me in proper way.
So since I don't want allow such browser I found a link
to allow only particular browsers in squid.conf in which that link says to set the rule as
acl firefox browser firefox
http_access deny !firefox
restared squid3 service and found it is not blocking other browsers. Then I also tried in squid.conf file as
acl aurora browser aurora
http_access deny aurora
restarted the service but still I can access the internet using aurora browser in my PC(client only) as well as clients PC.
So it would be appreciated if you could post the squid ACLs to block all browsers except mozilla firefox and internet explorer.
Thanks for your kind help.