LinuxQuestions.org - Squid acl help

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - Squid acl help (https://www.linuxquestions.org/questions/linux-networking-3/squid-acl-help-380795/)

I have a working squid box on Fedora core 4. I need to change the acl to allow the connection to only four sites and deny all other sites. I can get the acl rules to work with one site but when I add the second it never works out. I have tried setting by IP,domain name and making good/bad acl list when I restart the service I get ok but the acls dont seem to work right. Please point me in the right direction. Thanks!

Please paste your ACL's so that we can see what's happening. It shouldn't be a problem to allow multiple sites and then snapping it off with deny all at the end.

I have tried many things this is where I ended up and I cannot get it working. My acl may be wrong as well but I get an error when squid tries to get the file good_sites.txt. (WARNING: empty acl good_sites url_regex -i "/etc/squid/good_sites.txt") Squid does restart ok just with the error above it. If there is a way to set acl rules including the names of the three sites I would like the office to see and block the rest please let me know. Thanks......

acl officenet src 192.168.1.0/255.255.255.0
acl good_sites url_regex -i "/etc/squid/good_sites.txt"
acl bad dst 0.0.0.0/0.0.0.0
http_access allow officenet
http_access allow good_sites
http_access deny bad
http_access deny good_sites
http_access deny officenet

Solved my own problem

Here is an easy way to allow selected sites only. There may be other ways but this works for me.

acl blabla src 192.168.1.0/255.255.255.0
acl good_sites url_regex -i site1 site2 site3 site4 (this will check by words and not be case sensitive)
http_access allow blabla good_sites
http_access deny all

Hope this helps someone.