Still not working.. how have you got it configured? -----Original Message-----From: Emiliano Vazquez [mailto:emilianovazquez@xxxxxxxxx] Sent: 24 September 2007 1:54 PMTo: Abd-Ur-Razzaq Al-HaddadSubject: Re: Acl for blocking sites not working - what can i DO? You need to make another ACL and use this. #### Blocking some http´sacl block url_regex -i "/squid/etc/files/block"http_access deny block ### (before your http_access allow lan) The file /squid/etc/files/block contain this:adaware.comaddaware.comaddriller.com.........advancedsearchbar.com...etc Next you need to reconfigure your squid # squid -k reconfigure Best Regards. Emiliano Vazquez. ----- Original Message ----- From: "Abd-Ur-Razzaq Al-Haddad" <Abdur.Alhaddad@xxxxxxxxxxxxxxxx>To: <squid-users@xxxxxxxxxxxxxxx>Sent: Monday, September 24, 2007 9:29 AMSubject: Acl for blocking sites not working - what can i DO? > Hi all I've got 2.6 stable running on OpenSuse 10.2> I can't seem to get the squid to use the internal acls to block > sites/domains.. how can this be achived?>>>>> Squid.conf>> #Recommended minimum configuration:> acl all src 0.0.0.0/0.0.0.0> acl manager proto cache_object> acl localhost src 127.0.0.1/255.255.255.255> acl to_localhost dst 127.0.0.0/8> acl SSL_ports port 443> acl Safe_ports port 80 # http> acl Safe_ports port 21 # ftp> acl Safe_ports port 443 # https> acl Safe_ports port 70 # gopher> acl Safe_ports port 210 # wais> acl Safe_ports port 1025-65535 # unregistered ports> acl Safe_ports port 280 # http-mgmt> acl Safe_ports port 488 # gss-http> acl Safe_ports port 591 # filemaker> acl Safe_ports port 777 # multiling http> acl CONNECT method CONNECT> acl lcl src 192.168.0.0/16> acl NTLMUsers proxy_auth REQUIRED> acl blocksites urlpath_regex “/etc/squid/blocks.sites.aclâ€>> #Recommended minimum configuration:> #> # Only allow cachemgr access from localhost> http_access allow manager localhost> http_access deny manager> # Deny requests to unknown ports> http_access deny !Safe_ports> # Deny CONNECT to other than SSL ports> http_access deny CONNECT !SSL_ports> #> # We strongly recommend the following be uncommented to protect innocent> # web applications running on the proxy server who think the only> # one who can access services on "localhost" is a local user> #http_access deny to_localhost> #> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS>> # Example rule allowing access from your local networks. Adapt> # to list your (internal) IP networks from where browsing should> # be allowed> #acl our_networks src 192.168.1.0/24 192.168.2.0/24> #http_access allow our_networks> http_access allow localhost> http_access deny blocksites> http_access allow lcl NTLMUsers>> # And finally deny all other access to this proxy> http_access deny all>>> In the DENY_INFO SECTION******> deny_info ERR_BLOCKED_SITES blocksites>>>>>> Abd-Ur-Razzaq Al-Haddad> IT Analyst>>> 9 Queen Street London W1J 5PE>> Tel: +44 (0)207 659 6620 Fax: +44 (0)207 659 6621> Direct: +44 (0)207 659 6632 Mob: +44 (0)7738 787881> abdur.alhaddad@xxxxxxxxxxxxxxxx>>>>>>> The information contained in this email or any of its attachments may be > privileged or confidential and is intended for the exclusive use of the > addressee. Any unauthorised use may be unlawful. If you received this > email by mistake, please advise the sender immediately by using the reply > facility in your email software and delete the email from your system.>> Carron Energy Limited. Registered Office 9 Queen Street, London W1J 5PE. > Incorporated in England and Wales with company number 5150453>> ______________________________________________________________________> This email has been scanned by the MessageLabs Email Security System.> For more information please visit http://www.messagelabs.com/email> ______________________________________________________________________> ______________________________________________________________________This email has been scanned by the MessageLabs Email Security System.For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________This email has been scanned by the MessageLabs Email Security System.For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
