Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
06-21-2012, 07:21 AM
|
#1
|
Member
Registered: Jun 2012
Location: India
Posts: 66
Rep:
|
Regarding Squid ACL rules
Hi friends,
I am new user for this site and also for linux, I have installed squid on RHEL-5, and created one file for site blocking, this site blocking applying for all users, now i wanted to give permission to particular IP ex: 172.16.4.50 (facebook access permission) how to do?
MY SQUID.CONF ACL RULES:
acl business_hours time S M T W H F A 00:01-23:59
acl blocksite url_regex -i "/etc/squid/blocksite.txt"
acl freetime time S M T W H F A 09:00-18:00
http_access deny blocksite freetime
http_access allow blocksite
I have tried below things,
acl special_client src 172.16.4.50
acl facebook dstdomain .facebook.com
acl orkut dstdomain .orkut.com
http_access allow facebook special_client
http_access deny facebook
http_access deny orkut
http_access allow all
This is not working....
Please help me on this,
Thanks and Regards,
Sandeep CC
|
|
|
06-21-2012, 01:06 PM
|
#2
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,204
|
Hi,
How is it not working? Is it denying access to 172.16.4.50 for facebook or it allows everyone?
Anyway make sure facebook is not included in the blocksite.txt file and use:
Code:
http_access deny facebook !special_client
and remove "http_access deny facebook"
Regards
|
|
|
06-22-2012, 08:16 AM
|
#3
|
Member
Registered: Jun 2012
Location: India
Posts: 66
Original Poster
Rep:
|
Thanks bathory,
your post got helpfull to me, But here one clarification, as you said i have did and it got worked out, my network is on DHCP so i cant give by IP, same thing i have tried with Host name by giving srcdomain <host_name> but its not working, If it is in dhcp then how to do same thing for host name?
Regards,
Sandeep CC
|
|
|
06-22-2012, 03:57 PM
|
#4
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,204
|
Quote:
my network is on DHCP so i cant give by IP, same thing i have tried with Host name by giving srcdomain <host_name> but its not working, If it is in dhcp then how to do same thing for host name?
|
How is not working?
If the host in question is on the same switch as the squid server you can use an acl based on the mac address of the client. Note that squid must be compiled with mac filtering support, that is not usually the case, because mac filtering does not work across different switches.
Or you (or the dhcpd server admin) can assign a static IP to the specific host based on its mac address.
Regards
|
|
1 members found this post helpful.
|
06-25-2012, 11:06 PM
|
#5
|
Member
Registered: Jun 2012
Location: India
Posts: 66
Original Poster
Rep:
|
Thanks for your help...
|
|
|
All times are GMT -5. The time now is 10:44 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|