*nix Thread, Squid3 - ACL in Technical; I've just installed a squid server and am trying to have it so all sites are blocked unless there are ...
-
16th January 2009, 03:51 PM #1 Squid3 - ACL
I've just installed a squid server and am trying to have it so all sites are blocked unless there are in a file that we have added (a whitelist basically).
Can anybody assist me in how to achieve this? Followed this guide
SquidFaq/SquidAcl - Squid Web Proxy Wiki
But it isn't working for me? What am I doing wrong? Here's the relevant parts of conf
Code:
acl AllowedSites dstdomain "/etc/squid3/AllowedSites"
acl localnet src 10.0.0.0/8
Code:
http_access allow localnet
http_access allow AllowedSites
http_access deny all
-
-
IDG Tech News
-
16th January 2009, 05:39 PM #2 
Originally Posted by
Hightower 
Code:
acl AllowedSites dstdomain "/etc/squid3/AllowedSites"
acl localnet src 10.0.0.0/8
Code:
http_access allow localnet
http_access allow AllowedSites
http_access deny all
I'm working from memory here using Squid 2.* as a reference, but parsed that reads (iirc): Let everyone from the local network access stuff. Let everyone access the sites in allowed sites. Deny everyone else.
Try changing to:
Code:
http_access deny !localnet
http_access deny !AllowedSites
http_access deny all
Which says "if you're not on a 10.*, no access. If you're not looking at a whitelisted site, no access." You may need an allow in there somewhere, I don't have a squid.conf in front of me.
Last edited by pete; 16th January 2009 at 05:51 PM.
-
-
19th January 2009, 09:52 AM #3 Right - sussed it with this:
Code:
http_access deny !localnet
http_access allow allowedsites
http_access deny all
P.S. How do I restart the squid server from a website (i.e. Click here to restart server)
-
-
20th January 2009, 04:30 PM #4 Have you installed webmin? This one of the best webbased remote server control. In webmin goto servers>>squid>>start/stop Squid
-
-
23rd January 2009, 10:56 AM #5 Originally Posted by
wensleydale Have you installed webmin? This one of the best webbased remote server control. In webmin goto servers>>squid>>start/stop Squid
No, I don't want to install webmin. I have a custom webpage and I want to be able to click a link on it to restart squid - is this possible?
-
-
23rd January 2009, 11:27 AM #6 Key thing that I picked up in Squid is that it processes the lines in order. As soon as it comes to something which matches "allow" then it stops. In your example "allow localnet" comes first so anyone on "localnet" can do anything and that's why reversing the logic works - you're now saying "allow these sites" and "deny everything if they're not on my network"
-
-
23rd January 2009, 11:32 AM #7 Originally Posted by
srochford Key thing that I picked up in Squid is that it processes the lines in order. As soon as it comes to something which matches "allow" then it stops. In your example "allow localnet" comes first so anyone on "localnet" can do anything and that's why reversing the logic works - you're now saying "allow these sites" and "deny everything if they're not on my network"
Not having a problem with it now - sorted (as posted above) - Just need to know how to restart the server from a custom webscript?
-
SHARE: 
Similar Threads
-
By kevin_lane in forum Coding
Replies: 1
Last Post: 19th December 2008, 06:09 PM
-
Replies: 7
Last Post: 2nd August 2008, 01:34 PM
-
By alonebfg in forum EduGeek Joomla 1.0 Package
Replies: 1
Last Post: 21st March 2008, 04:19 PM
-
Replies: 20
Last Post: 20th April 2007, 08:55 AM
-
Replies: 4
Last Post: 25th October 2006, 08:38 PM
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
LinkBack URL
About LinkBacks
