Hi Samuel ¡!! The way i´m doing this is creating two text files for each group. One with the authorized usernames to use this group,
and another with the authorized domains. acl pag-gm-ventas dstdomain "/etc/squid/acl/pag-gm-ventas" acl usu-gm-ventas proxy_auth "/etc/squid/acl/usu-gm-ventas" acl pag-gm-servicio dstdomain "/etc/squid/acl/pag-gm-servicio" acl usu-gm-servicio proxy_auth "/etc/squid/acl/usu-gm-servicio" http_access allow usu-gm-ventas pag-gm-ventas http_access allow usu-gm-servicio pag-gm-servicio http_access deny all Everything else is denied.
Regards Horacio Díaz-Requejo De: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx]
En nombre de Samuel Anderson Hello All, I'm attempting to create way to grant users access to different categories using active directory. Currently what I have works but if a website is not listed in any of the whitelists it will allow traffic to that website. If I add a (http_access
deny all) at the end, then nothing works. What I would like is for a user to only have access to whitlists that they are a member of. I'll have around 50 categories in the end. This is just a small sample. Thanks, acl NEWS external ldap_group NEWS acl SHOPPING external ldap_group SHOPPING acl SOCIALNETWORKING external ldap_group SOCIALNETWORKING acl RELIGION external ldap_group RELIGION acl SPORTNEWS external ldap_group SPORTNEWS acl rule1 url_regex -i "/etc/squid3/whitelists/news/domains" acl rule2 url_regex -i "/etc/squid3/whitelists/shopping/domains" acl rule3 url_regex -i "/etc/squid3/whitelists/socialnetworking/domains" acl rule4 url_regex -i "/etc/squid3/whitelists/religion/domains" acl rule5 url_regex -i "/etc/squid3/whitelists/sportnews/domains" http_access deny rule1 !NEWS all http_access deny rule2 !SHOPPING all http_access deny rule3 !SOCIALNETWORKING all http_access deny rule4 !RELIGION all http_access deny rule5 !SPORTNEWS all http_access allow all CONFIDENTIALITY NOTICE: This e-mail and any attachments are confidential. If you are not an intended recipient, please contact the sender to report the error and delete all copies of this message
from your system. Any unauthorized review, use, disclosure or distribution is prohibited. |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users