LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 05-04-2008, 09:56 AM   #1
pkraus109
LQ Newbie
 
Registered: Mar 2004
Posts: 23

Rep: Reputation: 16
Squid Guard


I am setting up a squid / squidguard proxy for the purpose of content filtering. I need to have filtered access before work, after work, and during an employees lunch. Beyond that we have three groups of people full access with no content filtering, filtered access, and then everyone else gets blocked unless its during the open hours listed above.

Everyone exists in the allusers list, filtered users exist in allusers and filtered lists, admin users exist in fullaccess and allusers. All other users exist in allusers. Meaning that they get no access except before and after work, and during their lunch hours.

There is a whitelist of sites that the all users get access to but its handled in the squid config and is working correctly.

This is my squidGuard setup but it just doesn't work i don't know why. I am hiding the filtered db sections since they work.

src fullaccess {
userlist /etc/squid/fullaccess
}
src filtered{
userlist /etc/squid/filtered
}
src u1130 {
userlist /etc/squid/1130
}
src u1200 {
userlist /etc/squid/1200
}
src u1300 {
userlist /etc/squid/1300
}
src allusers {
userlist /etc/squid/allusers
}
time afterwork {
weekly mtwhf 00:00 - 08:00
weekly mtwhf 16:59 - 24:00
weekly as 00:00 - 24:00
}

time lunch_1130 {
weekly mtwhf 11:30 - 12:30
}

time lunch_1200 {
weekly mtwhf 12:00 - 13:00
}
time lunch_1300 {
weekly mtwhf 13:00 - 14:00
}
# ACCESS CONTROL LISTS
acl {
fullaccess {
pass all
}
allusers within afterwork{
pass !dating !drugs !gamble !jobsearch !porn !sex !socialnet !spyware all
}
u1130 within lunch_1130{
pass !dating !drugs !gamble !jobsearch !porn !sex !socialnet !spyware all
}
u1200 within lunch_1200{
pass !dating !drugs !gamble !jobsearch !porn !sex !socialnet !spyware all
}
u1300 within lunch_1300{
pass !dating !drugs !gamble !jobsearch !porn !sex !socialnet !spyware all
}
filtered {
pass !dating !drugs !gamble !jobsearch !porn !sex !socialnet !spyware all
}
default {
pass none
redirect http://tools.pelsupply.com/squid?ip=...s&destgroup=%t
}
}

Thanks any help is appreciated. I am using an ident client on the workstations and any one rule when tested works but they don't "cascade". For instance i have a use in the filtered list and they should get access all day every day regardless of time but it blocks them except during their lunch.

Also do i need to have squid reload command running in cron to have the time constraints work? I have tried changing the date/time to test and it never works unless I force a reload.

Paul Kraus
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
squid Guard installation problem hariiyer Linux - Software 2 12-15-2007 04:41 AM
Squid Guard problems sscultima Linux - Server 2 08-22-2007 07:51 AM
Squid Guard c0mpy Linux - Software 1 11-08-2005 01:30 AM
squid Guard installation problem hariiyer Linux - Software 3 03-26-2005 07:08 AM
Squid Guard chokinghazard Linux - Newbie 0 02-09-2005 07:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 01:16 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration