Results 1 to 1 of 1
I need help with my squid ACL;s. I am trying to allow specific computers access to specific sties at specific times of day. The problem is this... When I uncomment ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 03-26-2009 #1Just Joined!
- Join Date
- Mar 2009
- Posts
- 1
Squid ACL's
I need help with my squid ACL;s. I am trying to allow specific computers access to specific sties at specific times of day. The problem is this... When I uncomment the http_access deny all after the Student_Net stuff, it blocks everything and when it is commented it allows everything. I checked the date/time on the server this runs on and it is accurate. I don't know what else it could be?
Here is my current squid.conf (Squid 3)
Code:http_port 127.0.0.1:3128 icp_port 3130 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY access_log /var/log/squid3/access.log cache_log /var/log/squid3/cache.log cache_store_log /var/log/squid3/store.log refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 # ACL's Section acl our_nets src 192.168.6.0/24 # AM/PM class time acl AM_Class_Hrs time MTWHF 08:00-11:30 acl PM_Class_Hrs time MTWHF 11:30-15:00 acl AM_Good_Sites url_regex -i ^http://www.google.com/a/mySite.com acl AM_Good_Sites url_regex -i ^https://www.google.com/a/mySite.com #acl AM_Good_Sites url_regex -i ^http://www.mySite.com #acl AM_Good_Sites url_regex -i ^https://www.mySite.com acl AM_Good_Sites url_regex -i mySite.com acl AM_Good_Sites url_regex -i netacad.net acl AM_Good_Sites url_regex -i cisco.com #acl Student_Net src 192.168.6.1-192.168.6.14 acl Student_Net src 192.168.6.0/28 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # HTTP_ACCESS section http_access allow Student_Net AM_Class_Hrs AM_Good_Sites http_access allow Student_Net PM_Class_Hrs AM_Good_Sites http_access deny Student_Net #http_access deny all http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports #http_access allow our_nets http_access allow localhost http_access deny all http_reply_access allow all #icp_access allow all debug_options ALL, 1 33, 2 28, 9 coredump_dir /var/spool/squid3
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
