Find the answer to your Linux question:
Results 1 to 6 of 6
hi i have squid proxy configured on my network. but when i try to make access lists to deny specific IP addresses from using this proxy it did not work. ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2011
    Posts
    6

    squid proxy


    hi
    i have squid proxy configured on my network.
    but when i try to make access lists to deny specific IP addresses from using this proxy it did not work.
    those IP addresses still able to use this proxy.

    any idea about the reason of that ??!!!

    thanks

  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    Please post your ACLs
    linux user # 503963

  3. #3
    Just Joined!
    Join Date
    Dec 2011
    Posts
    6
    acl our_networks src 192.168.6.212
    acl our_networks src 192.168.6.213
    acl our_networks src 192.168.6.214
    acl our_networks src 192.168.6.215
    acl our_networks src 192.168.6.216
    acl our_networks src 192.168.6.217
    acl our_networks src 192.168.6.218
    acl our_networks src 192.168.6.219

    http_access allow our_networks

    acl blocked src 192.168.6.220
    acl blocked src 192.168.6.221
    acl blocked src 192.168.6.222
    acl blocked src 192.168.6.223
    acl blocked src 192.168.6.224
    acl blocked src 192.168.6.225
    acl blocked src 192.168.6.226
    acl blocked src 192.168.6.227
    acl blocked src 192.168.6.228
    http_access deny blocked

  4. #4
    Linux Enthusiast Mudgen's Avatar
    Join Date
    Feb 2007
    Location
    Virginia
    Posts
    664
    Quote Originally Posted by abdullah1 View Post
    hi
    i have squid proxy configured on my network.
    but when i try to make access lists to deny specific IP addresses from using this proxy it did not work.
    those IP addresses still able to use this proxy.

    any idea about the reason of that ??!!!

    thanks
    The reason is probably either that you didn't understand how to set the access lists up, or made an inadvertent error in doing so.

  5. #5
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    Quote Originally Posted by abdullah1 View Post
    acl our_networks src 192.168.6.212
    acl our_networks src 192.168.6.213
    acl our_networks src 192.168.6.214
    acl our_networks src 192.168.6.215
    acl our_networks src 192.168.6.216
    acl our_networks src 192.168.6.217
    acl our_networks src 192.168.6.218
    acl our_networks src 192.168.6.219

    http_access allow our_networks

    acl blocked src 192.168.6.220
    acl blocked src 192.168.6.221
    acl blocked src 192.168.6.222
    acl blocked src 192.168.6.223
    acl blocked src 192.168.6.224
    acl blocked src 192.168.6.225
    acl blocked src 192.168.6.226
    acl blocked src 192.168.6.227
    acl blocked src 192.168.6.228
    http_access deny blocked
    ACLs do not work that way. Every time you state 'acl our_network' for example, you are trampling over the previous statement.

    Instead, your acl should look like this:

    Code:
    acl our_network src 192.168.6.213-192.168.6.219/32
    acl blocked src 192.168.6.220-192.168.6.228/32
    http_access allow our_networks
    http_access deny blocked
    you may need to adjust the mask in the range to fit your needs, version of squid, etc., etc., etc.
    Last edited by scathefire; 12-15-2011 at 10:06 PM. Reason: masking in squid is funny
    linux user # 503963

  6. #6
    Just Joined!
    Join Date
    Dec 2011
    Posts
    6
    thanks scathefire
    i will try this,,,

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •