Re: how to combine this specific acl ?

From: Duane Wessels <[email protected]>
Date: Thu, 14 Jan 1999 10:25:32 -0700

Richard van Drimmelen writes:

>Dear squid users,
>
>
>In our institute I see that one specific PC in a student room is used a
>lot for browsing 'nudies'. I'd like to restrict this browsing by
>combining three acl's, based on:
>
> - the IP address/subnetmask of the PC
> - the various sites visited,
> - browsing time (disallowed between MON-FRI 09:00-17:00)
>
>What I've tried:
>
> acl STUDENT_PC src x.x.x.x/255.255.255.255
> acl DIRTY_LITTLE_BASTARD dstdom_regex site1 site2 site3 site4
> acl COME_BACK_LATER MTWHF 09:00-17:00
>
> http_access allow STUDENT_PC
> http_access deny DIRTY_LITTLE_BASTARD
> http_access deny COME_BACK_LATER

The first one is matched, so the request is allowed. The other two lines
are never consulted.

>
>I still get connected. Also tried:
>
> http_access allow COME_BACK_LATER

Try putting them on the same line:

        http_access deny STUDENT_PC DIRTY_LITTLE_BASTARD COME_BACK_LATER

put it at the top (or near) of your http_access lines.

Duane W.
Received on Thu Jan 14 1999 - 10:20:03 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:02 MST