-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/11/2014 2:58 a.m., Efe wrote: > Thank you for your reply. I've managed to retrieve uncommented > config lines: > > $ grep -P '^\s*\w' /etc/squid3/squid.conf > > acl localnet src 192.168.0.101 # RFC1918 possible internal > network acl SSL_ports port 443 acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp acl Safe_ports port 443 # > https acl Safe_ports port 70 # gopher acl Safe_ports port 210 > # wais acl Safe_ports port 1025-65535 # unregistered ports acl > Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # > gss-http acl Safe_ports port 591 # filemaker acl Safe_ports > port 777 # multiling http acl CONNECT method CONNECT > http_access deny !Safe_ports http_access deny CONNECT !SSL_ports > acl myrule dstdom_regex "/etc/squid3/domainblock.txt" http_access > allow myrule cache deny all http_access allow localhost manager > http_access deny manager acl Purge method PURGE http_access deny > Purge http_access allow localhost http_port 3128 coredump_dir > /var/spool/squid3 refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i > (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Packages(.gz)*)$ > 0 20% 2880 refresh_pattern . 0 20% 4320 > > If helps, iptables is empty and netstat status is $ sudo netstat > -nltp | grep squid tcp6 0 0 :::3128 > :::* LISTEN 20292/(squid-1) > > Version info: $ sudo apt-cache policy squid3 squid3: Installed: > 3.3.8-1ubuntu6.1 Candidate: 3.3.8-1ubuntu6.1 Version table: *** > 3.3.8-1ubuntu6.1 0 500 http://archive.ubuntu.com/ubuntu/ > trusty-updates/main i386 Packages 500 > http://archive.ubuntu.com/ubuntu/ trusty-security/main i386 > Packages 100 /var/lib/dpkg/status 3.3.8-1ubuntu6 0 500 > http://archive.ubuntu.com/ubuntu/ trusty/main i386 Packages > > Proof that squid is running: $ ps ax | grep squid 20290 ? Ss > 0:00 squid3 20292 ? S 0:06 (squid-1) 31535 ? S > 0:00 (logfile-daemon) /var/log/squid3/access.log 31720 pts/28 S+ > 0:00 grep --color=auto squid > > Maybe i used the wrong terminology as "redirect". B/c whenever the > website in the blocklist is called, localhost page of my LAMP shows > up. > > So, what i want to achieve in the end is blocking and sometimes > unblocking a list of websites based on their domain name. Problem > is even the config is changed to "http_access allow myrule" it > doesnt reflect allow/deny options accordingly anymore. At this > moment, the websites in the list are still non-accessible. > Let me guess, you are testing this with a browser URL http://192.168.whatever:3128/ or even just http://192.168.whatever/ and it shows your LAMP server page? You seem to have missed out all the bits of the setup which make the browser use the proxy rather than just connecting directly to Apache in the LAMP stack. You may need to read through this: http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUYN2bAAoJELJo5wb/XPRj5VMIANLLVIb8kjqk5BiycDBAH1MR 5qA896B3hhcoVEgFIH2lxSzFVBXJBFSwcjXnZN9nkqf5b7/t6k58hY3+56+UfZSF xO7tHOy/mvtCNA+ol7JlyVz+MvgaKMRqzXdAnJdP3OrhQ4g75WfGKCxoCBBwPNgU 5gD7rSSQq8PpD0uBNuHV8SDwwKkYaoYtoqAs1OWD5p+WbyAylYZB7cJKKgex1+d9 nPqGIlaRLaWRJzcTDFUW0C3B0zIggIv5GRNsO50gqqQZ0Xb9F3Iy5aDOwyiyiCYn LmlRADaoqf4MWfBh+nmmufcwUcfsAGknI7tStk3dXCzNQNA9O2gy3e7s+H+7Poo= =A5vS -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
