Linux - Server This forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to
LinuxQuestions.org , a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free.
Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please
contact us . If you need to reset your password,
click here .
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a
virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month.
Click here for more info.
#1
LQ Newbie
Registered: Feb 2012
Posts: 23
Rep:
How to restrict facebook
How to block the some websites for the particular ip address in squid server.I am new to the squid server.Can any one guide me
Click here to see the post LQ members have rated as the most helpful post in this thread.
#2
LQ Guru
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Hello,
You can use what's explained in
this blog to block Facebook access for an entire LAN or specific IP.
Kind regards,
Eric
#3
LQ Newbie
Registered: Feb 2012
Posts: 23
Original Poster
Rep:
i have created some lists like allowed.clients and restricte_sites are the files in the usr/local/etc/ path.I want to block the facebook for the particular ip addresses in the network.And i have to allow some websites to the particular user(Ip addresses)
#4
Senior Member
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
which distro are you using? here is a sample syntax
Code:
acl imp_people src 10.10.10.30
acl goodsites dstdomain .yahoo.com
http_access allow CONNECT goodsites
http_access allow imp_people
https_access deny all
similarly you can block websites for few USERS
Last edited by deep27ak; 02-16-2012 at 05:35 AM .
#5
LQ Newbie
Registered: Feb 2012
Posts: 23
Original Poster
Rep:
This is i am using in squid.cof file
#6
Senior Member
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
to block facebook for few users
Code:
acl denied_users src 192.168.1.50 192.168.1.23
acl badsite dstdomain .facebook.com
http_access deny badsite
http_access allow all
http_access allow denied_users
#7
LQ Newbie
Registered: Feb 2012
Posts: 23
Original Poster
Rep:
I have a small doubt if is place the denied ip address in a file .how to define in the squid file directory.
#8
Senior Member
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Code:
acl mynetwork src 192.168.1.0/24
http_access allow mynetwork
http_access deny all
mention all the IP address with special permission in the same place
Code:
acl denied_users src (all the IPs)
acl bad_sites dstdomain .facebook.com .hi5.com .orkut.com
http_access deny CONNECT bad_sites
http_access allow denied users
or create a file in /etc/squid
Code:
#vi badsites.acl
.facebook.com
.yahoo.com
in squid.conf
Code:
acl badsites url_regex "/etc/squid/badsites.acl"
http_access deny badsites
1 members found this post helpful.
#9
LQ Newbie
Registered: Feb 2012
Posts: 23
Original Poster
Rep:
Hello,
#10
Senior Member
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Show me your allowed.clients file
put the acl where other acls are mentioned
there is a section in squid.conf
Code:
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
Code:
acl isoft_net src 192.168.1.0/255.255.255.0
http_access allow isoft_net
acl denied_users src (all the IPs)
acl bad_sites dstdomain .facebook.com .hi5.com .orkut.com
http_access deny CONNECT bad_sites
http_access allow denied users
create a file in /etc/squid
#vi badsites.acl
.facebook.com
.yahoo.com
acl badsites url_regex "/etc/squid/badsites.acl"
http_access deny badsites
#11
LQ Newbie
Registered: Feb 2012
Posts: 23
Original Poster
Rep:
Please check the files allowed.clients file under usr/local/etc/allowed.clients
#12
Senior Member
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
I have never tried working with putting all IPs in one file so I wont be able to help if that works
#13
LQ Newbie
Registered: Feb 2012
Posts: 23
Original Poster
Rep:
I will try the above one which you guide me for the modify code in the squid.conf file.
#14
LQ Newbie
Registered: Feb 2012
Posts: 23
Original Poster
Rep:
acl allowed_clients dstdomain "/usr/local/etc/allowed.clients"
#15
Senior Member
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Quote:
Originally Posted by
kanna411988
acl allowed_clients dstdomain "/usr/local/etc/allowed.clients"
check and compare the syntax you are using from the one I had posted
Code:
acl badsites url_regex "/etc/squid/badsites.acl"
http_access deny badsites
and I don't see any
http_access syntax in your config file?
Now I can't go on and imagine your config file so it would be better if you post with all the related information
1 members found this post helpful.
All times are GMT -5. The time now is 04:02 AM .
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know .
