Controlled Squid Proxy Rules

Hi All,

I am deploying a squid for my company, in which there will be three main groups. Group 1 having restricted access for sites, upload & download, Group 2 having restricted access only for download & uploading not for sites, Group 3 having no restriction at all. Please guide me if anyone have already worked on this. Restriction will only be IP based.

I have already deployed few rules:


acl Group1 src "/path/to/group1_ip_list"
acl Group2 src "/path/to/group2_ip_list"
acl Group3 src "/path/to/group3_ip_list"


acl filedownload rep_mime_type -i ^application/msword$ ^application/pdf$ ^application/vnd.ms-powerpoint$ ^application/vnd.ms-excel$ ^application/x-asap$ ^text/asp$ ^text/html$ ^application/x-asp$ ^application/zip$

reply_body_max_size 3145728 allow filedownload Group1
reply_body_max_size 7340032 allow filedownload Group2

request_body_max_size 500 KB allow Group1 all
request_body_max_size 500 KB allow Group2 all

reply_body_max_size 512000 allow Group1 all
reply_body_max_size 512000 allow Group2 all



http_access allow Group1

acl allowed_list url_regex "/path/to/sites.allowed"
acl denied_list url_regex "/path/to/sites.deny"

http_access allow allowed_list
http_access deny denied_list

http_access allow Group2
http_access deny all

Now, the problem is, I am not able to allow Group 3 for all, it is getting restricted somewhere. Where and with what permission should I place Group3 ?