Re: [squid-users] access list

From: Abu Khaled <[email protected]>
Date: Fri, 8 Jul 2005 16:43:39 +0300

On 7/8/05, Eganya Alfredo <eganyaalfredo@yahoo.es> wrote:
>
> internal sites:
> web.aza.cl
> mail.aza.cl
>
> external site:
> *.cl
> *.com
> *.net
>
> team free:
> 125.1.1.0/24
> can acces all the web(external sites)
>
> team blocked:
> 125.1.7.0/24
> just internal sites
>

# the dot before the domain names is important ( .google.com )
acl intsites dstdomain .aza.cl
acl extsites dstdom_regex \.cl$ \.com$ \.net$
acl freeteam src 125.1.1.0/24
acl blockteam src 125.1.7.0/24
http_access allow blockteam intsites
http_access deny blockteam !intsites
# if you do not want freeteam to access internal sites
# http_access deny freeteam intsites
http_access allow freeteam extsites
# and last rule deny all
http_access deny all
-----

I hope this solves your problem.
visolve has good documentation about squid ACLs
http://squid.visolve.com/squid/squid24s1/access_controls.htm#acl

-- 
Regards.
Abu Khaled
Received on Fri Jul 08 2005 - 07:43:41 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Aug 01 2005 - 12:00:02 MDT