squid config for restricting websites
Hi,
How can I block particular IP from connecting to particular sites.
Squid.conf file is as follows.
For example , please help me to block 192.168.0.10 from accessing gmail.com
********************************************************
/etc/squid/squid.conf
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl mynetwork src 192.168.0.0/24
#acl block_site dstdomain "/etc/squid/blocked"
acl allow_sites dstdomain "etc/squid/allowed"
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
#
acl localnet src 192.168.0.0/24
#
acl SSL_ports port 443 #https
acl SSL_ports port 563 #snews
acl SSL_ports port 873 #rsync
acl Safe_ports port 80 #http
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 631
acl Safe_ports port 873
acl Safe_ports port 901
acl purge method PURGE
acl CONNECT method CONNECT
#
http_access allow manager localhost
http_access deny manager
#
http_access allow purge localhost
http_access deny purge
#
http_access deny !Safe_ports
#
http_access deny CONNECT !SSL_ports
#
http_access allow localhost
#http_access deny block_site
http_access deny !allowed_sites
http_access allow mynetwork
http_access deny all
#
http_port 3128
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 20% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
#
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
upgrade_http0.9 deny shoutcast
#
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
#
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
********************************************************
thanks in advance
Balu
|