RE: [squid-users] Blocking specified users and sites

From: Matthew Kaminski <[email protected]>
Date: Thu, 24 Oct 2002 12:03:28 +1300

Yes, after a short look I worked out how to block certain sites, but I still
have problem with blocking users.
my config is something like that:
--------------------------cut------------------
acl bannedusers proxy_auth sfatt tempstud
http_access deny bannedusers
--------------------------cut------------------

where "staff" and "tempstud" are usernames, and with this rulers user
"staff" is NOT denied access, while user "tempstud" is Denied access.

my list of acl's and hppt_access rules is:
and NO, the machine I'm trying things out is now included in "allowedhosts"

acl user_password proxy_auth REQUIRED
authenticate_program /usr/lib/squid/squid_ldap_auth -b o=hwk -u cn -D
cn=mops,o=hwk -w 3vp5gaw4 -f cn=%s 172.20.128.4
acl all src 0.0.0.0/0.0.0.0
acl college src 172.20.128.0/255.255.240.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl bannedsites dstdomain "/etc/squid/bannedsites"
acl bannedusers proxy_auth sfatt tempstud
acl allowedhosts src "/etc/squid/allowedhosts"

http_access allow allowedhosts
http_access deny bannedsites
http_access deny bannedusers
http_access allow user_password
http_access deny all

Matthew Kaminski
Network Administrator

Howick College
Sandspit Road
PO Box 38142
Howick
Auckland

Phone: 0-9-534 4492 x850
Fax: 0-9-534 6574
Cell: 021 159 6191
Email: matthew.kaminski@howick.school.nz

-----Original Message-----
From: Colin Campbell [mailto:sgcccdc@citec.qld.gov.au]
Sent: Thursday, October 24, 2002 11:33 AM
To: Matthew Kaminski
Cc: 'squid-users@squid-cache.org'
Subject: Re: [squid-users] Blocking specified users and sites

Hi,

On Thu, 24 Oct 2002, Matthew Kaminski wrote:

> Hey ppl.
> This question was asked before but i have recieved no reply.
> How do I set up squid so it blocks access to particular sites (i.e. I have
a
> list of sites that I dont want users to have access to)

Have a look in squid.conf at "acl" and "http_access" directives.

Colin

--
Colin Campbell
Unix Support/Postmaster/Hostmaster
CITEC
+61 7 3227 6334
Received on Wed Oct 23 2002 - 17:02:55 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:53 MST