Re: [squid-users] New to squid, setting up filtered internet

From: Henrik Nordstrom <[email protected]>
Date: Tue, 26 Nov 2002 16:26:58 +0100

Actually squid.conf is not by far as complex as it looks.

The only two directives you need to consider for your access control
requirements is

  acl to create lists of sites and/or users

  http_access to allow/deny access based on the above acls.

Then insert the needed rules where instructed in suqid.conf (search for
YOUR OWN).

acl our_networks src 192.168.1.0/24 ...
acl allowed_sites dstdomain ...

http_access allow our_networks allowed_sites

is the only three lines you need to add for your access control needs

When you have a running suqid.conf I'd also strongly recommend to filter
out all the documentation comments. The "beast" gets much more
manageable that way. If you need to read the documentation you always
have squid.conf.default, and it is guaranteed to contain the
documentation of the actual version you have installed not only the
version you first configured...

The following perl command should strip down your squid.conf to only the
actual configuration directives:

  perl -i.full -n -e 'print if /^[a-z]/' squid.conf

Then add a few comments explaining your own configuration changes.

Regards
Henrik

Rich Foster wrote:

> I am trying to set up a squid proxy to deny by default... any websites that
> need
> to be viewed by the company can then be added manually. The squid.conf file
> is a
> pretty complex looking beast and I don't want to bust anything before I even
> get the
> proxy off the ground... I was just wondering if anyone knew which are the
> main
> settings I am going to need to edit, and which I should definately leave
> alone.
>
> I don't want to have squid act as a cache, just allow or deny internet
> traffic based
> on final destination.
Received on Tue Nov 26 2002 - 08:24:42 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:34 MST