LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 01-21-2011, 06:44 PM   #1
wolverene13
Member
 
Registered: May 2010
Location: Matiland, FL
Distribution: Debian Squeeze
Posts: 57

Rep: Reputation: 0
Using Squid to restrict access during certain hours, but only to certain sites


Hi,

I have been trying to get Squid to work so that I can restrict access to a particular web site during certain hours every night. I can't seem to get it working, however. I am still able to access the site. The following are the relevant lines from my squid.conf file:

acl restricted-domain dstdomain "/etc/squid/denied_domains.acl"
acl test time 19:00-20:00
acl bedtime time 22:00-23:59
acl nighttime time 00:00-05:00
http_access deny test
http_access deny restricted-domain bedtime
http_access deny restricted-domain nighttime
http_access deny all

http_access allow manager localhost
http_access deny manager

Thanks in advance.
 
Old 01-21-2011, 08:47 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Perhaps you need to specify the days even when it's all of them? Example:
Code:
acl test time SMTWHFA 19:00-20:00
EDIT: Actually, never mind. I just saw an example on the Squid website where they don't specify the days, so that's not going to be it. Do you have any http_access lines above these which might be conflicting?

Last edited by win32sux; 01-21-2011 at 08:50 PM.
 
Old 01-22-2011, 05:02 AM   #3
wolverene13
Member
 
Registered: May 2010
Location: Matiland, FL
Distribution: Debian Squeeze
Posts: 57

Original Poster
Rep: Reputation: 0
Figured it out

Ok, apparently, where the acl "localhost" is defined, 127.0.0.1/32 does not work for some reason. I had to make a new acl called localhost2 and put the actual IP of my eth0 port to get it to work. Then I had to add "http_access allow localhost2" as well. Solved. Thanks Win32sux for being the lone responder to my question.
 
Old 07-08-2012, 09:01 PM   #4
tetaguila
LQ Newbie
 
Registered: Apr 2011
Posts: 2

Rep: Reputation: 0
Quote:
Originally Posted by wolverene13
Ok, apparently, where the acl "localhost" is defined, 127.0.0.1/32 does not work for some reason. I had to make a new acl called localhost2 and put the actual IP of my eth0 port to get it to work. Then I had to add "http_access allow localhost2" as well. Solved. Thanks Win32sux for being the lone responder to my question.
Hi wolverene13, can you now post your new policy here? I have a similar problem now, my boss wants to limit the access of Facebook from 11am-1pm and 6pm-8pm every day. Better if you will give me an exact config based on this scenario. Thanks in advance.
 
Old 07-09-2012, 08:36 PM   #5
wolverene13
Member
 
Registered: May 2010
Location: Matiland, FL
Distribution: Debian Squeeze
Posts: 57

Original Poster
Rep: Reputation: 0
Glad to help!

Quote:
Originally Posted by tetaguila
Hi wolverene13, can you now post your new policy here? I have a similar problem now, my boss wants to limit the access of Facebook from 11am-1pm and 6pm-8pm every day. Better if you will give me an exact config based on this scenario. Thanks in advance.
Sure, here it is, modified for your scenario:

Code:
#The contents of my "/etc/squid/denied_domains.acl" file:
.facebook.com

#Relevant ACL's from my squid.conf file:

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

#Below is the "localhost2" ACL I was referring to:

acl localhost2 src 10.10.20.3/32

#ACL to specify internal IP's
acl localnet src 10.0.0.0/16	# RFC1918 possible internal network
acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
acl localnet src 192.168.0.0/16	# RFC1918 possible internal network

#ACL for subnet that eth0 is in. Basically allows access from anything but 10.10.20.3 when combined with "localhost2" ACL 
acl restofnetwork src 10.10.20.0/24

#Specifies restricted domains
acl restricted-domain dstdomain "/etc/squid/denied_domains.acl"

#ACL to restrict between various times of day
acl midday time 11:00-13:00
acl evening time 18:00-20:00

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet

#No Facebook between 11am and 1pm
http_access deny restricted-domain midday

#No Facebook between 6pm and 8pm
http_access deny restricted-domain evening

#Allows everything else anywhere
http_access allow localhost
http_access allow localhost2
http_access allow restofnetwork

# And finally deny all other access to this proxy
http_access deny all
The IP addresses are ones from my network, so you'll have to substitute IP's from yours
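
Squid checks http_access lines top to bottom, and the first line whose ACLs all match decides the request, which is why the two time-based deny lines in the config above sit before the allow lines. The following is an added example, not part of the original post or of Squid itself: a simplified Python model of that evaluation using the posted ACLs. The client address 10.10.20.50, the `ALLOW_FIRST` ordering and the inclusive end of the time range are assumptions made for illustration.

```python
import ipaddress
from datetime import time

# ACLs copied from the config in post #5 (simplified model; "all" written as 0.0.0.0/0).
ACLS = {
    "localhost": ("src", ["127.0.0.1/32"]),
    "localhost2": ("src", ["10.10.20.3/32"]),
    "restofnetwork": ("src", ["10.10.20.0/24"]),
    "restricted-domain": ("dstdomain", [".facebook.com"]),
    "midday": ("time", [(time(11, 0), time(13, 0))]),
    "evening": ("time", [(time(18, 0), time(20, 0))]),
    "all": ("src", ["0.0.0.0/0"]),
}
# http_access lines in the posted order: (action, ACLs that must ALL match).
RULES = [
    ("deny", ["restricted-domain", "midday"]),
    ("deny", ["restricted-domain", "evening"]),
    ("allow", ["localhost"]),
    ("allow", ["localhost2"]),
    ("allow", ["restofnetwork"]),
    ("deny", ["all"]),
]
# Hypothetical reordering: the allow lines moved above the time-based denies.
ALLOW_FIRST = RULES[2:5] + RULES[:2] + RULES[5:]

def domain_match(host, pattern):
    # A leading dot matches the domain itself and any subdomain.
    if pattern.startswith("."):
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern

def acl_matches(name, src, host, now):
    kind, values = ACLS[name]
    if kind == "src":
        return any(ipaddress.ip_address(src) in ipaddress.ip_network(v) for v in values)
    if kind == "dstdomain":
        return any(domain_match(host, v) for v in values)
    # kind == "time": range end treated as inclusive (assumption of this model)
    return any(start <= now <= end for start, end in values)

def evaluate(rules, src, host, now):
    """Return (action, index) of the first rule whose ACLs all match."""
    for index, (action, names) in enumerate(rules):
        if all(acl_matches(n, src, host, now) for n in names):
            return action, index
    return "no-match", None

if __name__ == "__main__":
    # Constructed request: a client in 10.10.20.0/24 asking for Facebook at 12:00.
    for label, rules in (("posted order", RULES), ("allow first", ALLOW_FIRST)):
        print(label, evaluate(rules, "10.10.20.50", "www.facebook.com", time(12, 0)))
```

With the posted order the noon request is denied by the first line; with the allow lines moved up, the same request is allowed before the time-based denies are ever reached.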
 
Old 07-11-2012, 08:11 PM   #6
tetaguila
LQ Newbie
 
Registered: Apr 2011
Posts: 2

Rep: Reputation: 0
Hi wolverine,

Thanks a lot for your effort to post it here with a good explanation!

Regards,
 
  

