Search squid archive

Re: whitelists and active directory help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Samuel ¡!!

 

  The way i´m doing this is creating two text files for each group. One with the authorized usernames to use this group, and another with the authorized domains.  

 

acl pag-gm-ventas dstdomain "/etc/squid/acl/pag-gm-ventas"

acl usu-gm-ventas proxy_auth "/etc/squid/acl/usu-gm-ventas"

acl pag-gm-servicio dstdomain "/etc/squid/acl/pag-gm-servicio"

acl usu-gm-servicio proxy_auth "/etc/squid/acl/usu-gm-servicio"

 

http_access allow usu-gm-ventas pag-gm-ventas

http_access allow usu-gm-servicio pag-gm-servicio

 

http_access deny all

 

  Everything else is denied.

 

Regards

 

Horacio Díaz-Requejo

 

De: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] En nombre de Samuel Anderson
Enviado el: viernes, 16 de enero de 2015 12:15 p.m.
Para: squid-users@xxxxxxxxxxxxxxx
Asunto: [squid-users] whitelists and active directory help

 

Hello All,

 

I'm attempting to create way to grant users access to different categories using active directory. Currently what I have works but if a website is not listed in any of the whitelists it will allow traffic to that website. If I add a (http_access deny all) at the end, then nothing works. What I would like is for a user to only have access to whitlists that they are a member of. I'll have around 50 categories in the end. This is just a small sample.

 

Thanks,

 

 

acl NEWS external ldap_group NEWS

acl SHOPPING external ldap_group SHOPPING

acl SOCIALNETWORKING external ldap_group SOCIALNETWORKING

acl RELIGION external ldap_group RELIGION

acl SPORTNEWS external ldap_group SPORTNEWS

 

acl rule1 url_regex -i "/etc/squid3/whitelists/news/domains"

acl rule2 url_regex -i "/etc/squid3/whitelists/shopping/domains"

acl rule3 url_regex -i "/etc/squid3/whitelists/socialnetworking/domains"

acl rule4 url_regex -i "/etc/squid3/whitelists/religion/domains"

acl rule5 url_regex -i "/etc/squid3/whitelists/sportnews/domains"

 

 

http_access deny rule1 !NEWS all

http_access deny rule2 !SHOPPING all

http_access deny rule3 !SOCIALNETWORKING all

http_access deny rule4 !RELIGION all

http_access deny rule5 !SPORTNEWS all

http_access allow all

 

 

 

 

 

 

CONFIDENTIALITY NOTICE:

This e-mail and any attachments are confidential. If you are not an intended recipient, please contact the sender to report the error and delete all copies of this message from your system.  Any unauthorized review, use, disclosure or distribution is prohibited.

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux