OK another go. Firstly, you do not need to explicitly allow certain lists, if you have an all statement, it will pass anything that you have not restricted. Secondly, on closer inspection, I notice that you have used "any" at the end of your 2 acl's it should be "all". Regards Mark Barlow -----Original Message----- From: Yuan Yudistira [mailto:sabukhitam@xxxxxxxxx] Sent: 21 May 2007 11:11 To: Mark Barlow Subject: Re: ACL By IP not working Thank you for your reply, I have fixed according to your suggestion, but there is no luck. PC with IP address IT and ipWartawanHiburan still can not access movies site. Blocked by default rule? Any idea? Thanks in advance YUAN On 5/21/07, Mark Barlow <mark.barlow@xxxxxxxxxxxxxxx> wrote: > Not an expert in squidguard but I'll have a stab. > > Not sure if it matters, but all the examples I've seen have the first curly > bracket on the dest line, could be the e-mail adding a carriage return. > > In the acl for the ipWartawanHiburan I don't think that you can have 2 > separate IP addrsses on 1 line. You can select a range i.e. > 192.168.0.1-192.168.0.10 with a hyphen or a network with an Ip address and > netmask. If you are selecting 2 non sequential IP addresses, put them on > separate lines, i.e. > src ipWartawanHiburan { > ip 172.20.21.102 > ip 172.20.21.76 > } > > The only other thing I can see assuming you have cut and paste from you conf > file is that you are missing a space on the acl line for IT at porn!music > > Regards > > Mark Barlow > > -----Original Message----- > From: Yuan Yudistira [mailto:sabukhitam@xxxxxxxxx] > Sent: 18 May 2007 16:45 > To: squid-users@xxxxxxxxxxxxxxx > Subject: ACL By IP not working > > Hi > > I have the following ACL on squidGuard.conf > > > # Destination lists > # Addresses are relative to the db directory > dest porn > { > domainlist blacklists/porn/domains > urllist blacklists/porn/urls > } > > dest music > { > domainlist blacklists/music/domains > urllist blacklists/music/urls > } > > dest movies > { > domainlist blacklists/movies/domains > urllist blacklists/movies/urls > } > > dest spyware > { > domainlist blacklists/spyware/domains > urllist blacklists/spyware/urls > } > > dest warez > { > domainlist blacklists/warez/domains > urllist blacklists/warez/urls > } > > dest redirector > { > domainlist blacklists/redirector/domains > urllist blacklists/redirector/urls > } > > dest adv > { > domainlist blacklists/adv/domains > urllist blacklists/adv/urls > } > > dest drugs > { > domainlist blacklists/drugs/domains > urllist blacklists/drugs/urls > } > > src ipWartawanHiburan { > ip 172.20.21.102 172.20.21.76 > } > > src IT { > ip 172.20.21.186 > } > > # Access Control > acl > { > # During Business hours > # Stop the embarassing stuff and speed up the connecti > > ipWartawanHiburan { > pass movies !porn music !spyware !warez !redirector !adv !drugs > any > } > > IT { > pass movies porn!music spyware warez redirector !adv !drugs > any > } > > default { > pass !porn !music !movies !spyware !warez !redirector > !adv !drugs all > redirect http://172.20.21.231/blokir/ > } > } > > I want to set access to a certain IP > ipWartawanHiburan can access movies, > > the above acl is not working. > Please help > > > Thanks > > YUAN > > --
