Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 07-29-2004, 11:41 PM   #1
Registered: Dec 2003
Posts: 235

Rep: Reputation: 30
Squid ACL Question

I have a box running squid2.6stable at a customer's site. We currently use ncsa username/passwords to track users' sites. However they are now wanting to completely block internet access from 8pm to 8 am. How would I go about doing this?
Old 08-02-2004, 08:51 PM   #2
LQ Newbie
Registered: Aug 2004
Location: nigeria
Distribution: redhat
Posts: 6

Rep: Reputation: 0
plz i am trying to configure bandwith management and squid on linux machine. i dont want browsing bandwith to chop into call bandwith. need help on how to shape bandwith between the two and how to get squid well configured.
Old 08-02-2004, 09:22 PM   #3
Registered: Jul 2004
Location: Woodland Hills, CA
Distribution: Debian/Mandrake
Posts: 37

Rep: Reputation: 15
Learning as I go here...

An excerpt from squid.conf under the ACL tag information...
#       acl aclname time     [day-abbrevs]  [h1:m1-h2:m2]
#           day-abbrevs:
#               S - Sunday
#               M - Monday
#               T - Tuesday
#               W - Wednesday
#               H - Thursday
#               F - Friday
#               A - Saturday
#           h1:m1 must be less than h2:m2
I believe this combined with http_access is what you're looking for.

So, if you were to add these line (in the appropriate area, probably by the rest of the acl/http_access tags, after any specific allow designations, is my guess):
acl 8to8http time MTWHF 20:00-8:00
http_access 8to8http deny
I think that might be exactly what you're looking for. This is assuming you only want access during business hours...but you can probably see that it'd be easy to add/remove days and adjust times given this information.

As I understand it: The acl is an "access list" tag that can be defined in a large number of ways, with the time method being what you need in this specific instance. The http_access tag is simply a tag that will take the form of: http_access <previously defined acl> allow|deny.

Again, I must state that I really don't know here, but in the time I was looking at documentation and at the squid.conf itself (this is incredibly well documented compared to most config files), but I think this is along the lines of what you need.
Old 08-02-2004, 09:24 PM   #4
Registered: Jul 2004
Location: Woodland Hills, CA
Distribution: Debian/Mandrake
Posts: 37

Rep: Reputation: 15

I guess the other quick and dirty way to get this done might be a cron job that would swap out /etc/hosts.allow and /etc/hosts.deny... However, I would only use that as a last resort since that seems not only very hackish, but potentially dangerous to do. But the option would be there, I suppose.
Old 08-03-2004, 09:22 AM   #5
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Please do not post the same question in mulitple forums. Select the most relevant forum and post a single thread there. Also, please start your own new threads rather than asking your questions in another users thread as this can prevent users from getting replies to their questions and is considered poor forum ettiquette. Thank you.
Old 08-03-2004, 11:56 AM   #6
Registered: Jul 2004
Location: Woodland Hills, CA
Distribution: Debian/Mandrake
Posts: 37

Rep: Reputation: 15
Man oh man I must have been brain fried yesterday...

When I actually thought about it after I went home, the more I realized that the hosts.allow/hosts.deny thing is something that was just stupid... Please ignore that post.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid acl help cgelectek Linux - Networking 3 11-11-2005 12:04 AM
do i need to ACL in squid.conf... razan Linux - Security 2 04-20-2005 07:42 AM
SQUID: ACL question razametal Linux - Software 1 09-18-2003 08:18 AM
Squid ACL zeroability Linux - Networking 2 01-13-2003 10:30 AM
Help me in Configuring Squid ACL tina_gora Linux - Networking 0 05-22-2001 03:31 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:26 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration