[squid-users] Re: ACL Website Banning doesn't work

From: Joost de Heer <[email protected]>
Date: Wed, 10 May 2006 17:45:13 +0200 (CEST)

> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl Safe_ports port 280
> acl Safe_ports port 488
> acl Safe_ports port 591
> acl Safe_ports port 777
> #acl Safe_ports port 8080
> acl CONNECT method CONNECT
>
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow password

What's the 'password' ACL? If it's matched here, users are granted access,
and all following rules are ignored.

> acl lan src 192.168.0.0/255.255.255.0
> acl lan1 src 192.168.1.0/255.255.255.0
> acl lan2 src 192.168.2.0/255.255.255.0
> acl lan3 src 192.168.3.0/255.255.255.0
>
> acl restricted_sites url_regex -i myspace.com
> acl restricted_sites url_regex -i schoolies.com
> acl restricted_sites url_regex -i
> killjeeseday.freewebpage.org/lol.html
> acl restricted_sites url_regex -i earth.google.com
> acl restircted_sites url_regex -i
> kh.google.com/download/earth/index.html
> acl restricted_sites url_regex -i 211.27.149.18/webbook
> acl restricted_sites url_regex -i maps.google.com
> acl restricted_sites url_regex -i runescape.com
> acl restricted_sites url_regex -i runehq.com
>
> acl user_passwords proxy_auth REQUIRED
>
> http_access deny !restricted_sites lan
> http_access deny !restricted_sites lan1
> http_access deny !restricted_sites lan2
> http_access deny !restricted_sites lan3

So move the 'http_access allow password' (http_access allow
user_passwords?) to here.

> http_access deny all

Joost
Received on Wed May 10 2006 - 09:45:18 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT