LinuxQuestions.org
Old 03-31-2005, 04:32 AM   #1
krishvij
Member
 
Registered: Feb 2005
Location: India
Distribution: RHEL 3
Posts: 108

Rep: Reputation: 15
Need Help in Squid Config


Hi,

I am using RHEL 3 and I have configured squid to act as a proxy on my RHEL 3 box. Everything works fine. Everybody can browse any website. Now, that is my problem.

I have to restrict 15 IPs in my local network in such a way that they can only browse to 1 particular website and no other site. So, if I want 192.168.10.35 to be able to browse only to www.redhat.com, how do I do this in squid? If I can get the hang of this, then I can roll it out for all my other requirements.
 
Old 03-31-2005, 07:34 AM   #2
linuxxed
Member
 
Registered: Feb 2004
Posts: 273

Rep: Reputation: 30
You need to read squid.conf. It is extremely well documented in the file. Make use of the acl and http_access directives.

For example:


# define your network
acl mynetwork src 192.168.0.0/24
# a leading dot matches the domain and all of its subdomains
acl browsablesites dstdomain .redhat.com

http_access allow mynetwork browsablesites

http_access deny all



Note that if multiple acls are specified in http_access then they are ANDed together.

http://www.squid-cache.org/Doc/FAQ/FAQ.html
 
Old 03-31-2005, 08:12 AM   #3
krishvij
Member
 
Registered: Feb 2005
Location: India
Distribution: RHEL 3
Posts: 108

Original Poster
Rep: Reputation: 15
Hi Linuxxed,

Thanks for your reply. Got the hang of it. One more query. I want to allow 1 IP to access ftp, so what do I do? I tried the following:

acl one_ip url_regex -i 192.168.10.158 ftp
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow one_ip


but squid gave me an error and stopped when I tried service squid restart.

Any ideas? Is my code ok?
 
Old 04-01-2005, 03:29 AM   #4
linuxxed
Member
 
Registered: Feb 2004
Posts: 273

Rep: Reputation: 30
Quote:
Originally posted by krishvij
Hi Linuxxed,

Thanks for your reply. Got the hang of it. One more query. I want to allow 1 IP to access ftp, so what do I do? I tried the following:

acl one_ip url_regex -i 192.168.10.158 ftp
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow one_ip


but squid gave me an error and stopped when I tried service squid restart.

Any ideas? Is my code ok?

I don't think you need to do all of that. Try the proto directive.

acl FTP proto FTP
acl mynetwork src 192.168.10.158/255.255.255.255
http_access allow mynetwork FTP


or maybe
acl ftp_ports port 21


If it does not work then turn the acl debugging on.
 
  


All times are GMT -5. The time now is 09:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration