LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 02-08-2013, 01:47 AM   #1
blackvirus
LQ Newbie
 
Registered: Jan 2013
Posts: 5

Rep: Reputation: Disabled
need help regarding ACLs in Squid


hi
i have installed RHEL5 and on it i install Squid3.0stable25-1el5
so after configuration i can run internet from this server. issue is when i define ACLs and restart the service it restart without any error but doesnt block anythng.
need help guys
Attached Files
File Type: txt squid.txt (395 Bytes, 8 views)
 
Old 02-08-2013, 03:00 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
why did you attach a standard service restart instead of the actual ACL's and other config ??? that tells us nothing at all.
 
Old 02-08-2013, 04:44 AM   #3
blackvirus
LQ Newbie
 
Registered: Jan 2013
Posts: 5

Original Poster
Rep: Reputation: Disabled
sorry wrong file attached.

squid .conf file is attached now
kindly rename .txt to .conf
Attached Files
File Type: txt squid.txt (159.3 KB, 7 views)
 
Old 02-08-2013, 05:09 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
http_access allow localnet

this is permitting access to everywhere from what you later define as your own networks. remove it.

also note there's a really weird set of lines...

http_access allow lan
http_access allow lan1
http_access allow lhrlan
http_access allow lhrlan1

http_access allow all
http_access deny all

why pick out subnets if you then blanket allow everyone anyway? And why then deny everyone access after you've alreadu permitted it?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Help with acls in squid! pappupolyster Red Hat 2 03-14-2010 01:12 PM
Check It ??Squid ACLS to Block Files for Specific Domain and to Spefic IP farrukhndm Linux - Server 0 12-06-2008 01:41 AM
squid acls ikinnu Linux - Networking 2 08-25-2007 05:24 PM
SQUID - seperate ACLs fr different user groups? HCBLinux Linux - Networking 0 01-30-2004 03:21 PM
SQUID - seperate ACLs fr different user groups? HCBLinux Linux - Networking 0 01-30-2004 11:20 AM


All times are GMT -5. The time now is 10:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration