Chris Robertson-2 wrote: > > espoire20 wrote: >> Matt Harrison-3 wrote: >> >>> espoire20 wrote: >>> >>>> have a small problem with squid in access list, I need to block an IP >>>> address >>>> of a machine does not connect to internet even if it has the address of >>>> the >>>> proxy and port in the Internet option is that it is possible ? >>>> >>>> >>>> because I have some person who installs firefox mozzila he put the >>>> address >>>> of the proxy and the port it connects or it connects with a user of >>>> another >>>> person >>>> >>>> i use this but not working : >>>> >>>> acl user1 src 10.60.6.7 >>>> httpd_access deny user1 >>>> >>> Try it with >>> >>> http_access deny user1 >>> >>> HTH >>> >>> Matt >>> >>> >> excuse me i mean http not httpd but not working >> >> I will explain you, I blocked internet for everyone ,if anyone wants >> internet I add the proxy address and port in the explorer but I need >> blocked >> IP address not to access the internet even if it adds proxy ip and port >> in >> the explorer >> >> what we can do ??? >> > > Share the rest of your config (preferably without comments and blank > lines), or read the FAQ on ACLs > (http://wiki.squid-cache.org/SquidFaq/SquidAcl). You are likely > allowing the traffic somewhere before the deny statement. > >> many thanks >> > > Chris > > > this is my all acl that i have in my squid file : # TAG: acl acl ntlm proxy_auth REQUIRED acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network # acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl test src 10.60.6.7 # TAG: http_access http_access allow ntlm http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow localhost http_access deny all http_access deny test # TAG: icp_access icp_access allow localnet icp_access deny all # TAG: htcp_access htcp_access allow localnet htcp_access deny all i don 't understand why i can't bloque this ip thank you for your help -- View this message in context: http://www.nabble.com/user-problem-tp24458799p24495056.html Sent from the Squid - Users mailing list archive at Nabble.com.
