> From: Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> > Date: Tue, 06 Oct 2009 23:29:02 +0200 > To: Ross Kovelman <rkovelman@xxxxxxxxxxxxxxxx> > Cc: <squid-users@xxxxxxxxxxxxxxx> > Subject: Re: New Admin > > tis 2009-10-06 klockan 16:55 -0400 skrev Ross Kovelman: > >> This is what I have for http_access: >> >> http_access deny bad_url >> http_access deny all bad_url >> http_access deny manager >> http_access allow manager localhost >> http_access allow workdays >> http_access allow our_networks >> >> >> I would think bad_url would do the trick since I have acl bad_url dstdomain, >> correct? > > It should. At least assuming you have not other http_access rules above > this. > > but the rest of those rules looks strange. > > I think you want something like: > > # Restrict cachemgr access > http_access allow manager localhost > http_access deny manager > > # Block access to banned URLs > http_access deny bad_url > > # Allow users access on workdays > http_access allow our_networks workdays > > # Deny everything else > http_access deny all > > > but have no description of what effect workdays is supposed to have... > > > Regards > Henrik > > I made a few changes and still nothing: acl bad_url dstdomain "/xxx/xxxx/etc/bad-sites.squid" acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl our_networks src 192.168.16.0/255.255.255.0 acl to_localhost dst 127.0.0.0/8 acl workdays time M T W H F 8:30-12:00 11:30-18:00 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # Restrict cachemgr access http_access allow manager localhost http_access deny manager # Block access to banned URLs http_access deny bad_url workdays # Allow users access on workdays http_access allow our_networks workdays # Deny everything else http_access deny all I would think this would fulfill the request I just emailed to the group, but doesn't " Thanks, I made those changes although still no luck. I do save the changes and then run a ./squid -k reconfigure, not sure if I should run a different command. I do have this for work days: acl workdays time M T W H F 8:30-18:00 If I can I would like to deny those sites during "workdays" and then its open before or after that time. Thanks"
<<attachment: smime.p7s>>
