Re: allowing users to access particular domains

Thanks Ilker,

It does work with restricting client IP addresses. However, what we
very much want is restricting it at user level? I've tried placing,
the . (dot) on fedex.com but still that didn't help. How do I prevent
users 1 - 4 from accessing sites beyond what is allowed only for them?
And users 5-6 which can access any site?

Thanks and regards,
Joel

Ilker Gokhan wrote:

> Ohh.. It should work. it has been worked at my attempts with client IP
> instead of ident user. Also:use the following name with dot.fedex.com
> this mean that only hostname--> .fedex.com this mean that domain
> name.yahoo.com --> .yahoo.comBest regards.Ilker G.
>
> -----Original Message-----
> From: Joel Taqueban [mailto:jtaqueba@apme-ops.dhl.com]
> Sent: Thursday, June 22, 2000 3:27 AM
> To: Ilker Gokhan; squid-users@ircache.net
> Subject: Re: allowing users to access particular domains
> Thanks Ilker,
>
> I tried that but still users 1-4 could access the whole
> net. Anything else I need to look into?
>
> Joel
>
> R.Ilker Gokhan wrote:
>
> >
> >
> > >-----Original Message-----
> > >From: Joel Taqueban [mailto:jtaqueba@apme-ops.dhl.com]
> > >Sent: Thursday, June 01, 2000 1:48 PM
> > >To: squid-users@ircache.net
> > >Subject: allowing users to access particular domains
> >
> > gets to access:
> > > user1, user2 only www.fedex.com
> > www.ups.com
> > > user3, user4 only the above sites
> > pus: cnn.com
> > yahoo.com
> > > user5, user6 all sites
> >
> > >where the above users are valid users from my ldap
> > server.
> > >I tried defining this on my squid.conf file.
> > >acl allowedsites1 dstdomain fedex.com ups.com
> > >acl allowedsites2 dstdomain fedex.com ups.com yahoo.com
> > cnn.com
> > >acl customer_service ident user1 user2
> > >acl supervisors ident user3 user4
> > >acl management ident user5 user6
> > >http_access allow allowedsites1 customer_service
> > >http_access allow allowedsites2 supervisors
> > >http_access allow management
> >
> > Try:
> > remove this line : http_access allow management
> > http_access deny all !management
> >
> > remove : >http_access deny all
> >
> > >However, user1 to user4 still could access sites that
> > should have been restricted for them.
> > >What seems to be wrong with my ACL above? Do I have the
> > right http_access definition for user5 >and user6 who are
> > in 'management' ACL?
> >
> > >Joel
> >
> > Ilker G.
> > P.S please don't send mail with HTML format.
>
Received on Mon Jul 03 2000 - 06:48:32 MDT