LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 11-07-2005, 12:06 PM   #1
cgelectek
LQ Newbie
 
Registered: Jan 2004
Posts: 4

Rep: Reputation: 0
Question Squid acl help


I have a working squid box on Fedora core 4. I need to change the acl to allow the connection to only four sites and deny all other sites. I can get the acl rules to work with one site but when I add the second it never works out. I have tried setting by IP,domain name and making good/bad acl list when I restart the service I get ok but the acls dont seem to work right. Please point me in the right direction. Thanks!
 
Old 11-08-2005, 06:14 AM   #2
fouldsy
Senior Member
 
Registered: Jan 2002
Location: St Louis, MO
Distribution: Ubuntu
Posts: 1,284

Rep: Reputation: 47
Please paste your ACL's so that we can see what's happening. It shouldn't be a problem to allow multiple sites and then snapping it off with deny all at the end.
 
Old 11-08-2005, 08:01 PM   #3
cgelectek
LQ Newbie
 
Registered: Jan 2004
Posts: 4

Original Poster
Rep: Reputation: 0
Question

I have tried many things this is where I ended up and I cannot get it working. My acl may be wrong as well but I get an error when squid tries to get the file good_sites.txt. (WARNING: empty acl good_sites url_regex -i "/etc/squid/good_sites.txt") Squid does restart ok just with the error above it. If there is a way to set acl rules including the names of the three sites I would like the office to see and block the rest please let me know. Thanks......

acl officenet src 192.168.1.0/255.255.255.0
acl good_sites url_regex -i "/etc/squid/good_sites.txt"
acl bad dst 0.0.0.0/0.0.0.0
http_access allow officenet
http_access allow good_sites
http_access deny bad
http_access deny good_sites
http_access deny officenet
 
Old 11-11-2005, 12:04 AM   #4
cgelectek
LQ Newbie
 
Registered: Jan 2004
Posts: 4

Original Poster
Rep: Reputation: 0
Talking Solved my own problem

Here is an easy way to allow selected sites only. There may be other ways but this works for me.

acl blabla src 192.168.1.0/255.255.255.0
acl good_sites url_regex -i site1 site2 site3 site4 (this will check by words and not be case sensitive)
http_access allow blabla good_sites
http_access deny all

Hope this helps someone.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
do i need to ACL in squid.conf... razan Linux - Security 2 04-20-2005 07:42 AM
Squid ACL Question kemplej Linux - Security 5 08-03-2004 11:56 AM
squid acl problem aigartua Linux - Software 1 12-08-2003 10:03 AM
acl software for squid aqoliveira Linux - Software 1 04-26-2003 05:23 PM
Squid ACL zeroability Linux - Networking 2 01-13-2003 10:30 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:50 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration