> I using Squid v2.3. Now i like to control only certain
> PCs, eg. PC with Ip Address of 192.168.0.4 ,
> 192.168.0.20 are allowed to access Internet. My
> network IP address is from 192.168.0.1 -> 192.168.0.50
> , Subnet 255.255.255.0
>
> How can i do so ?
>
> I tried this way :
>
> #acl allowed_hosts src 192.168.0.0/255.255.255.0
> acl allowed_hosts src 192.168.0.4/255.255.255.0
> acl allowed_hosts src 192.168.0.20/255.255.255.0
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
> http_access allow allowed_hosts
> #http_access allow manager localhost
> #http_access deny manager
> http_access allow !Safe_ports
> http_access allow CONNECT !SSL_ports
>
> But when i test , still all PCs able to do so. The
> result i got, is either deny all PCs, or allow all
> pCs.
Try:
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow allowed_hosts
(http_access deny all)
You have to put the allowed host on the end, and you have to DENY the
!Safe-ports and !SSL_ports. Mind the "!".
Hermann
Received on Mon Mar 11 2002 - 01:17:25 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:49 MST