rkovelman wrote: > > >> From: Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> >> Date: Tue, 06 Oct 2009 23:29:02 +0200 >> To: Ross Kovelman <rkovelman@xxxxxxxxxxxxxxxx> >> Cc: <squid-users@xxxxxxxxxxxxxxx> >> Subject: Re: New Admin >> >> tis 2009-10-06 klockan 16:55 -0400 skrev Ross Kovelman: >> >>> This is what I have for http_access: >>> >>> http_access deny bad_url >>> http_access deny all bad_url >>> http_access deny manager >>> http_access allow manager localhost >>> http_access allow workdays >>> http_access allow our_networks >>> >>> >>> I would think bad_url would do the trick since I have acl bad_url >>> dstdomain, >>> correct? >> >> It should. At least assuming you have not other http_access rules above >> this. >> >> but the rest of those rules looks strange. >> >> I think you want something like: >> >> # Restrict cachemgr access >> http_access allow manager localhost >> http_access deny manager >> >> # Block access to banned URLs >> http_access deny bad_url >> >> # Allow users access on workdays >> http_access allow our_networks workdays >> >> # Deny everything else >> http_access deny all >> >> >> but have no description of what effect workdays is supposed to have... >> >> >> Regards >> Henrik >> >> > > > I made a few changes and still nothing: > > acl bad_url dstdomain "/xxx/xxxx/etc/bad-sites.squid" > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl our_networks src 192.168.16.0/255.255.255.0 > acl to_localhost dst 127.0.0.0/8 > acl workdays time M T W H F 8:30-12:00 11:30-18:00 > acl SSL_ports port 443 563 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 563 # https, snews > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > > # Restrict cachemgr access > http_access allow manager localhost > http_access deny manager > > # Block access to banned URLs > http_access deny bad_url workdays > > # Allow users access on workdays > http_access allow our_networks workdays > > # Deny everything else > http_access deny all > > I would think this would fulfill the request I just emailed to the group, > but doesn't > > > > " Thanks, I made those changes although still no luck. I do save the > changes > and then run a ./squid -k reconfigure, not sure if I should run a > different > command. > > I do have this for work days: > acl workdays time M T W H F 8:30-18:00 > > If I can I would like to deny those sites during "workdays" and then its > open before or after that time. > > Thanks" > > > Hi There, Maybe try this.... Change http_access deny bad_url workdays To... http_access deny our_networks bad_url workdays It should match any source IP address and if the other 2 acls match then you should get 'Access Denied' Thanks, Tookers -- View this message in context: http://www.nabble.com/New-Admin-tp25774654p25790327.html Sent from the Squid - Users mailing list archive at Nabble.com.
