Dear Marcelo,
You could create aditional acl's to list the sites that you want to be able
to access but because acl statements are in the form of{this OR this OR
this} and http_access statements are in the form of {this AND this AND this}
you would be forced to create a new acl statement for each site.
I recommend the following. (note that I've never tryied it but i believe it
should work)
---
Create the all acl:
acl all src 0.0.0.0/0.0.0.0
Block all ftp access using a simple acl like the following:
acl ftpa url_regex ^ftp://
Create a text file (eg allowedsites.txt) containing all the urls you want to
provide access to. You could even enter keywords/part of the url. Add the
following statement to your squid.conf:
acl permitftp urlpath_regex "/usr/local/squid/allowedsites.txt"
Finally setup the http_access statements.
http_access deny ftpa all !permitftp # don't forget to add the "!"
before permitftp
---
In this way you block ftp access to everything but the sites listed in this
text file.
Be very carefull though because anyone that has access to that file can
allow ftp access to certain sites.
Good luck...
Panagiotis S. Malakoudis
Systems Administrator
SPACE HELLAS S.A.
----- Original Message -----
From: "Marcelo Carneiro Rodrigues" <marcelo@tse.gov.br>
To: <squid-users@ircache.net>
Sent: Monday, November 29, 1999 9:23 PM
Subject: Ftp ACL.
>
>
> the last thing i need to finish setting my squid :
>
> how to block access to all ftp sites, except the sites included in a
> predefined list ?
>
> example:
>
>
> need to access ftp://ftp.symantec.com and ftp://ftp.netscape.com, but
> block all others.
>
>
> thanks for any help,
>
>
> Marcelo
Received on Tue Nov 30 1999 - 01:04:21 MST
This archive was generated by hypermail pre-2.1.9 : Wed Apr 09 2008 - 11:57:32 MDT