Squid acl help
I have a working squid box on Fedora core 4. I need to change the acl to allow the connection to only four sites and deny all other sites. I can get the acl rules to work with one site but when I add the second it never works out. I have tried setting by IP,domain name and making good/bad acl list when I restart the service I get ok but the acls dont seem to work right. Please point me in the right direction. Thanks!
|
Please paste your ACL's so that we can see what's happening. It shouldn't be a problem to allow multiple sites and then snapping it off with deny all at the end.
|
I have tried many things this is where I ended up and I cannot get it working. My acl may be wrong as well but I get an error when squid tries to get the file good_sites.txt. (WARNING: empty acl good_sites url_regex -i "/etc/squid/good_sites.txt") Squid does restart ok just with the error above it. If there is a way to set acl rules including the names of the three sites I would like the office to see and block the rest please let me know. Thanks......
acl officenet src 192.168.1.0/255.255.255.0 acl good_sites url_regex -i "/etc/squid/good_sites.txt" acl bad dst 0.0.0.0/0.0.0.0 http_access allow officenet http_access allow good_sites http_access deny bad http_access deny good_sites http_access deny officenet |
Solved my own problem
Here is an easy way to allow selected sites only. There may be other ways but this works for me.
acl blabla src 192.168.1.0/255.255.255.0 acl good_sites url_regex -i site1 site2 site3 site4 (this will check by words and not be case sensitive) http_access allow blabla good_sites http_access deny all Hope this helps someone. |
All times are GMT -5. The time now is 05:45 AM. |