LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Silly Question about Squid
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 02-22-2009, 07:40 PM   #1
moekad
Member
 
Registered: Feb 2009
Posts: 64

Rep: Reputation: 15
Silly Question about Squid

hey
how are you all!
i know it's silly question but i didn't work with me
i wanna to ristrict site like youtube from 12:00 am to 09:00 am
i type in squid.conf
acl src 192.168.0.0/24
acl timeon time 00:00-09:00
acl sites dstdomain .yahoo

http_access deny sites
http_access allow src timeon

didn't work any clue
Thanks for your help.
 
Old 02-23-2009, 05:10 AM   #2
chitambira
Member
 
Registered: Oct 2008
Location: Online
Distribution: RHEL, Centos
Posts: 373
Blog Entries: 1

Rep: Reputation: 51
Quote:
acl src 192.168.0.0/24
you need to give your acl a name like
acl mynetwork src 192.168.0.0/24
Quote:
acl sites dstdomain .yahoo
should be like:
acl sites dstdomain .yahoo.com

Quote:
http_access deny sites
http_access allow src timeon
it therefore should look like
http_access deny sites
http_access allow mynetwork timeon

However, best practice is to deny enemies outright -->allow friends -->deny anyone unknown by default:
http_access deny sites
http_access allow mynetwork timeon
http_access deny all
 
Old 02-23-2009, 05:39 AM   #3
SonJelfn
Member
 
Registered: Aug 2003
Location: Sendai, Japan
Distribution: Slackware, Slackware64, Debian
Posts: 63

Rep: Reputation: 17
Hello,

Did chitambira's post work like you wanted?

I haven't used Squid in a while, but it feels as with this ACL configuration:

Code:
http_access deny sites
http_access allow mynetwork timeon
http_access deny all
It would deny whatever you put in the ACL "sites" no matter what and only allow access from your network in "mynetwork" only at "timeon"

I think that fixing the ACL definitions as chitambira pointed out and then using this configuration would get the desired result:

Code:
http_access deny sites timeon
http_access allow mynetwork
http_access deny all
Hope it works. Make sure to tell us if it works out.

Good luck
Last edited by SonJelfn; 02-23-2009 at 10:38 AM. Reason: chitambira was right, I had mistake in my last post. Between both of us I think this should be solved :)
 
Old 02-23-2009, 09:30 AM   #4
chitambira
Member
 
Registered: Oct 2008
Location: Online
Distribution: RHEL, Centos
Posts: 373
Blog Entries: 1

Rep: Reputation: 51
Quote:
http_access deny sites
http_access allow mynetwork timeon
http_access deny all
was purely demonstrating best practice and syntax here, otherwise for the actual requirements(which are not clear here) however assuming that moekad want to RESTRICT access to PARTICUALR sites TO: btwn 12 midnite and 9am, then the acl should look like:

Quote:
acl mynetwork src 192.168.0.0/24
acl businesstime time 09:00-24:00
acl sites dstdomain restricted.txt

http_access deny sites businesstime
http_access allow mynetwork
http_access deny all
the file restricted.txt should contail a list of all domains that have to be restricted
 
Old 02-24-2009, 09:45 AM   #5
moekad
Member
 
Registered: Feb 2009
Posts: 64

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by chitambira View Post
was purely demonstrating best practice and syntax here, otherwise for the actual requirements(which are not clear here) however assuming that moekad want to RESTRICT access to PARTICUALR sites TO: btwn 12 midnite and 9am, then the acl should look like:



the file restricted.txt should contail a list of all domains that have to be restricted
//////////
hey
Thanks all it work =)
Regards, KAD
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Silly question, but here goes BrianD18 Linux - Newbie 5 03-23-2005 08:53 AM
Silly Question koodoo Linux - Newbie 2 02-14-2005 07:20 AM
Silly question Menestrel Linux - Newbie 3 08-20-2004 03:32 PM
silly question bruj3w Slackware 3 08-20-2004 12:51 PM
very silly question jayakrishnan Linux - General 12 04-08-2002 04:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 07:42 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration