LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 07-01-2009, 03:11 AM   #1
linuxcolor
LQ Newbie
 
Registered: Feb 2005
Location: Bangladesh
Distribution: Fedora 11
Posts: 26

Rep: Reputation: 15
Unhappy How to Block(deny) perticuler website in certain times of the day , by using squid ?


As we know that squid has ability to allow/deny in TIME base.

but i want to know that How to Block(deny) perticuler website in certain times of the day in particuler IP or IP Block

suppose i want to block(deny) xyz.com website at every day at 10:00 to 13:00 time in 192.168.81.0/24 ip block.

pls help.
 
Old 07-01-2009, 03:23 AM   #2
nowonmai
Member
 
Registered: Jun 2003
Posts: 481

Rep: Reputation: 48
Use a cron job to switch between blacklists?
 
Old 07-01-2009, 04:05 AM   #3
linuxcolor
LQ Newbie
 
Registered: Feb 2005
Location: Bangladesh
Distribution: Fedora 11
Posts: 26

Original Poster
Rep: Reputation: 15
is there any solution in squid.conf . i mean how i declare acl to solve this type of configuration?
 
Old 07-01-2009, 04:28 AM   #4
sushantchawla2005
Member
 
Registered: Jun 2009
Location: India
Distribution: All flavours of linux
Posts: 93

Rep: Reputation: 14
Wink

Yes dude

There is an option in squid.conf file which you can use to block some urls in your office timings.

For e.g.

First create a URL for your office timings say: acl office_time time MTWHF 10:00-18:00
means office timings are from 10 AM to 6 PM & days from Monday to Friday.

then

declare acl for blocking the sites
say: acl bad url_regex "/etc/squid/block.acl"

The block.acl will be a file which you have to create manually at the location specified above "/etc/squid/"

Then you can deny the URLs written in block.acl file like this:

http_access deny bad !office_time
It means deny all the URLs listed in the block.acl file in the office time only not every time.

Meaning these URLs listed in block.acl will be blocked only from 10 AM to 6 PM. On other timings it will remain open.


Best of luck & let me know the status of your success :-)

Last edited by sushantchawla2005; 07-01-2009 at 04:30 AM.
 
Old 07-01-2009, 04:38 AM   #5
linuxcolor
LQ Newbie
 
Registered: Feb 2005
Location: Bangladesh
Distribution: Fedora 11
Posts: 26

Original Poster
Rep: Reputation: 15
Gr8 thanks Dude,

U done a good solution. but one item is missing . i also want particular IP or IP block to deny that site.

So as per ur suggestion and at last i found the solution.

acl office_time time MTWHF 10:00-18:00

acl bad url_regex "/etc/squid/block.acl"

acl lan_ip src "/etc/squid/lan_ip.acl"


http_access deny lan_ip bad office_time

But at last i thank u again
 
Old 07-01-2009, 11:44 PM   #6
sushantchawla2005
Member
 
Registered: Jun 2009
Location: India
Distribution: All flavours of linux
Posts: 93

Rep: Reputation: 14
Thumbs up

Ye that is always possible in squid to block URLs based on particular IP Addresses.

First you have to create a separate file for blocking some URLs for a particular IP address say:

acl blocksite url_regex "/etc/squid/blocksite.acl"

then create ACL for the IP Address. e.g.

acl intern src 10.20.50.78

Lastly block the URL entered in your blocksite.acl

http_access deny intern blocksite !office_time

Here it is blocking the URLs listed in blocksite.acl only in office timings. In other timings that IP Address can access the blocked sites. So you please make arrangements as u need.


Best of Luck & by helping each other I think we Linux Admins can make many impossible things possible. Isn't it?
 
Old 07-03-2009, 02:14 AM   #7
kashif2131971
Member
 
Registered: Mar 2008
Posts: 60

Rep: Reputation: 16
acl office_time time MTWHF 10:00-18:00

acl bad url_regex "/etc/squid/block.acl"

acl lan_ip src "/etc/squid/lan_ip.acl"

its a best way which is mention by linuxcolor but that timebase tag is only available when you install from source code
 
Old 07-04-2009, 09:55 PM   #8
linuxcolor
LQ Newbie
 
Registered: Feb 2005
Location: Bangladesh
Distribution: Fedora 11
Posts: 26

Original Poster
Rep: Reputation: 15
Wink

Dear,

I thing Squid Version 2.5.STABLE6, which i use in mention procedure was install from rpm and it has built in TIME support.

so may be the previous version of squid has not support TIME in rpm base distribution.

recent version of squid rpm has built in TIME support
 
  


Reply

Tags
squid


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
unable to block all website except www.onlinesbi.com in squid nirmal1100 Linux - Newbie 0 03-30-2009 04:53 AM
Deny to cache a website in squid ridwan77 Linux - Newbie 3 03-24-2009 08:45 PM
Why can't I use /etc/hosts.deny to block a website? CJS Linux - Networking 8 08-29-2008 11:39 AM
How to block a Website in Squid winxlinx Linux - Networking 1 02-21-2006 04:40 PM
squid + bandwidth cutoff at specific times of day avirup dasgupta Linux - Networking 2 09-01-2005 02:42 AM


All times are GMT -5. The time now is 10:28 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration