Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi.
I use ubuntu linux.
I have atransparent proxy server well configured and running.
I have basically denied some type of files and websites from getting accessed, I however want to restrict access to certain websites and to download of certain files to some users and allow access to the same files/websites to other users at the same time.
Currently i block access to all but i would like to put an exception to other users(IPs).
Need some help please.
Thanx
Currently i block access to all but i would like to put an exception to other users(IPs).
To do this you basically just need to use the src ACL with the exception IPs. Then put this into a "http_access allow" rule, while a later "http_access deny" would use the same ACLs minus the src one to match everyone else.
This example would grant access to microsoft.com only for IPs 192.168.1.113-192.168.1.119:
...and do note that if some users are clever enough/malaevolent enough and have the access to change their IPs, you might want to consider whether this will really do what you want.
To do this you basically just need to use the src ACL with the exception IPs. Then put this into a "http_access allow" rule, while a later "http_access deny" would use the same ACLs minus the src one to match everyone else.
This example would grant access to microsoft.com only for IPs 192.168.1.113-192.168.1.119:
Hi. Thanx for ur reply
I think it will help me.
I will try it tomorrow when i get back to office where da machines are.
How can i apply the same to files.
Like i have blocked download of some files such as .exe, how can i put the same exception for files in this case.
...and do note that if some users are clever enough/malaevolent enough and have the access to change their IPs, you might want to consider whether this will really do what you want.
Hi.
I appreciate querry!
Ist possible to use Mac-Addresses instead of IP addresses in the squid.conf file?
If so, how.
else, do you have/know any other method one could use?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.