Find the answer to your Linux question:
Results 1 to 4 of 4
I have squid loaded on my CentOS 4.0 server and it is running great, but when I started to process the configuration file. The goal was to eliminate any traffic ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2007
    Posts
    1

    Squid configuration


    I have squid loaded on my CentOS 4.0 server and it is running great, but when I started to process the configuration file. The goal was to eliminate any traffic OUTSIDE of what I tried to permit. Below is my configuration where I changed the squid.conf file. Once I did, everything is allowed. I hope this is something stupid that I overlooked but I was wondering if anyone else had similar problems.

    Code that I changed:

    # We strongly recommend the following be uncommented to protect innocent
    # web applications running on the proxy server who think the only
    # one who can access services on "localhost" is a local user
    http_access deny to_localhost
    #
    # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

    # Example rule allowing access from your local networks. Adapt
    # to list your (internal) IP networks from where browsing should
    # be allowed
    acl our_networks src XX.XX.XX.XX/XX
    http_access allow our_networks
    acl yahoo dstdomain .yahoo.com
    acl msn dstdomain .msn.com
    acl mydomain dstdomain .mydomain.com
    acl google dstdomain .google.com

    # And finally deny all other access to this proxy
    http_access allow localhost
    http_access allow yahoo
    http_access allow msn
    http_access allow anovoamericas
    http_access allow google
    http_access allow anovous
    http_access deny all

  2. #2
    Just Joined!
    Join Date
    Jul 2004
    Posts
    15
    I had a similar problem and I still havent figured out the solution.

    I am easily able to get squid to work if I "allow all" , but if I try to restrict traffic, using the ACL, in any fashion, the server fails. I even try to make the simplest rules that I can think of and it doesnt work.

    I am lost as to why this happens.

  3. #3
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    I would suggest using the squidguard addin to configure your blocks, time blocks, groups blocks, and blacklists and whitelists.

    and then use webmin to manage both

    or use dans guardian, which I have never used but should work just as well.

  4. #4
    Linux Newbie athlon_crazy's Avatar
    Join Date
    Sep 2007
    Location
    Malaysia
    Posts
    132
    What i did :

    1) create a file with bunch of block url inside.
    ~$:vi /etc/squid/bad_url.acl

    2) Make an entry as below in squid.conf

    acl bad url_regex "/etc/squid/bad_url.acl"
    http_access deny bad
    http_access allow all


    Notes : make sure, deny first, then follow by allow.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •