Hi! On Thu, Feb 5, 2009 at 10:02 PM, jjrowan <squid_user@xxxxxxxxxxxx> wrote: > A customer has a problematic employee that spends excessive time on > Facebook, Myspace and FoxSports. They are willing to let him access these > sites before and after work and during lunch but during office hours they > want him and others restricted from these sites. I found examples but they > either entirely block access or nothing, they don't do anything based on > time. I want to allow the user to get to the sites on their time but > restrict them during work. I don't know why these don't work. > acl baduser src 192.168.1.3 > acl early time 05:00-08:29 > acl morning time 08:30-11:59 > acl lunch time 12:00-12:30 > acl afternoon time 12:31-16:30 > acl afterwork time 16:31-23:59 > > acl bad_url dstdomain "/etc/squid/bad-sites.squid" > > http_access allow baduser early lunch afterwork bad_url yike... that will never apply: baduser AND early (05:00-08:29) AND lunch (12:00-12:30) AND afterwork (16:31-23:59). so, you are asking that the time is simultaneously on three, non-overlapping, periods of time. Try this: acl baduser src 192.168.1.3 acl user_time time 05:00-08:29 acl morning time 08:30-11:59 acl user_time time 12:00-12:30 acl afternoon time 12:31-16:30 acl user_time time 16:31-23:59 acl bad_url dstdomain "/etc/squid/bad-sites.squid" http_access allow baduser user_time bad_url as for the deny, you solve it as a homework. Btw, there is an even simplier way. > http_access deny baduser morning bad_url > http_access deny baduser afternoon bad_url > > > Contents of /etc/squid/bad-sites.squid > .myspace.com > .facebook.com > .foxsports.com > >
