RE: [squid-users] time based Instant Message blocking

From: Manu C S <[email protected]>
Date: Thu, 23 Oct 2003 12:26:18 -0500 (CDT)

Hi Adam,

>I noticed that you specify a proxy_auth acl, but don't show the
>http_access line that utilizes it. You haven't shown us all your acl
>and http_access lines; please post your entire squid.conf (please
>remove any blank lines or comments first).

Thanks for the response.
Here's my entire squid.conf file.
------------------------------------------------------------------
shutdown_lifetime 5 seconds
icp_port 0
http_port 192.168.10.254:800
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_effective_user squid
cache_effective_group squid
pid_filename /var/run/squid.pid
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
log_mime_hdrs off
forwarded_for off

authenticate_program /usr/lib/squid/ncsa_auth /etc/squid/passwd

acl all src 0.0.0.0/0.0.0.0
acl cmie dstdomain .cmie.com .ibainternational.org
acl chpass url_regex ^http://192.168.10.254:81/cgi-bin/chpasswd.cgi$
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src 192.168.10.0/255.255.255.0
acl admin-mc src 192.168.10.1
acl staff-mc src 192.168.10.201-192.168.10.220
acl restrict-im dstdom_regex -i "/etc/squid/im"
acl holiday-time time M 00:00-24:00
acl morning-time time STWHFA 07:00-09:00
acl noon-time time STWHFA 11:00-17:00
acl night-time time STWHFA 21:00-24:00
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 280 488 591 777 800 1025-65535
acl fw-port port 81
acl CONNECT method CONNECT
acl porn dstdom_regex -i "/etc/squid/porn1"
acl blockedsites dstdom_regex -i "/etc/squid/blocked_sites"
acl blockedwords url_regex -i "/etc/squid/blocked_words"
acl student proxy_auth "/etc/squid/students"
acl admin proxy_auth fwadmin

http_access allow restrict-im admin-mc
http_access allow restrict-im staff-mc
http_access allow holiday-time restrict-im localnet
http_access allow morning-time restrict-im localnet
http_access allow noon-time restrict-im localnet
http_access allow night-time restrict-im localnet
http_access deny restrict-im all
http_access allow localhost
http_access allow cmie localnet
http_access allow chpass student
http_access allow admin-mc
http_access allow fw-port admin localnet
http_access deny fw-port
http_access deny blockedsites
http_access deny blockedwords
http_access deny porn
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow staff-mc
http_access allow student localnet
http_access allow localnet
http_access deny all

maximum_object_size 4096 KB
minimum_object_size 0 KB
cache_mem 2000 KB
cache_dir ufs /var/log/cache 50 16 256
request_body_max_size 0 KB
reply_body_max_size 0 KB
------------------------------------------------------------------

/etc/squid/students has a list of all the students

/etc/squid/im has the following lines:
    msg.*.yahoo.com
    messenger.hotmail.com

/etc/squid/porn1 has a list of banned sites

/etc/squid/blocked_words has
    \.pif$
    \.mp3$
    \+mp3$
    \.wav$
    \.mpeg$

/etc/squid/blocked_sites has
    mp3.com
    downloadmusic.com
    musicindia.com
    games.yahoo.com

Regards,
Manu
Received on Thu Oct 23 2003 - 00:59:04 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:36 MST