ACL Time & Inside_firewall caching

From: Tim Brody <[email protected]>
Date: Sun, 26 Apr 1998 19:37:38 +0100

I can't get acl time to work /at all/. I have set it to check a file with the following type entries:
M 11:15-12:30
M 13:30-15:30
and so on.

Whatever I do it seems that it 'screws' up (i.e. when it should allow access it doesn't)!

That's a specific, in more general terms as regards permissions:

I have/am setting up a proxy in a school where I need different permissions for different users (they have passwords provided by Proxy_auth). The lowest level users should only be allowed access at particular times to sites which have been certified. I need a 'middle' road of users which are allowed access at all times, to all sites, but have certain words and sites banned (e.g. not allowed to do a search for "porn"). Then on the top rung I need totally unrestricted users - supervisors - who can find and certify sites, download files etc.

I think I need a URL Redirector in order to allow filtered access to the lower two user types (for the lowest level users access needs to be denied for all non-certified sites, for medium access users they need to be banned from certain sites) ~ but how do I do this AND still provide differing access levels based on pwds?

Also I really need to be able to edit and reconfigure the user lists and site permissions on a fairly regular basis, reconfiguring squid takes too long to do regularly - I'm currently trying to use ACL access permissions for everything ... which is a pain to say the least.

WHAT DO I DO (speed of access doesn't matter too much, but user's loosing requests & denied service is a pain)???

inside_firewall
I've told squid to use my isp's squid server (which has it's own filtered service) by using parent proxy and inside_firewall. But squid (locally) appears not to be caching requests ... how do I get it to look in it's own cache then ask the parent ~ assuming that the site filtering will occur before the request is going to be processed.

Thanks for any assistance,
Tim Brody.

ps Don't ask me 'knock' up a simple program to do what I've described ~ I have very little knowledge on this subject ~ I'm a user not a systems analysist!
Received on Sun Apr 26 1998 - 11:40:38 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:39:57 MST