Landy Landy wrote:
Hello.
I am currently running squid Version 3.0.STABLE24 and is working really well. I block user's by ip address:
acl registered src "/etc/msd/ipAllowed"
http_access allow registered
http_access deny all
but, now I would like UNregistered clients to be able to access some specific websites for ie, my bank's web site so they can make a payment and some others.
Can I do it like this:
acl my_bank dstdomain www.mybank.com
http_access allow my_bank
So you add that snippet as-is before the "deny all" line.
Also, all ip addresses other than the registered are blocked with iptables as well. So, I guess I have to allow access to these website somehow.
Depends on which side of the firewall they are.
If as I suspect, you are running Squid as the access portal to
external sites, then no the firewall does not need to change. The
unknown visitors will have to go to/through Squid until they register.
If the unknowns are on the other side of the firewall from Squid then
yes it will need opening enough so they can get to your Squid.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.7
Beta testers wanted for 3.2.0.1
