Re: [squid-users] proxy with no authentication but IP restrictions

From: Simon White <simon@dont-contact.us>
Date: Thu, 21 Mar 2002 09:53:50 +0000

21-Mar-02 at 11:45, Rommel, Florian (Florian.Rommel@quartal.com) wrote :

> I'd like to know what the relevant configuration options are that need to be
> tweaked... i have 2 reverse proxies (squid) here and they work nicely but
> never made a normal (forward) proxy with those restrictions.. so anything
> pointing into the right directions would be appreciated........ specifically
> with what options you redirect the user who is trying to access a "forbidden"
> page and how to restrict the ip ranges that can use the proxy...

Hello,

You need to look at acl in squid.conf. Basically, you can set up an acl for
the IP range:

acl mynet src 192.168.0.1/24
acl all src 0.0.0.0/0
http_access allow mynet
http_access deny all

Will allow only mynet to use the proxy. To forbid pages

acl porn dstdomain .sex.com

then change the line with allow above to read

http_access allow mynet !porn

For example. You can customise error pages, let me know if you need this info
too, although it can all be found in the squid.conf file.

-- 
John Lennon:--v [Simon White. vim/mutt/Linux. simon@mtds.com. GIMPS: 48.08%] 
Sometimes we sit and read other people's interpretations of our lyrics
and think, 'Hey, that's pretty good.' If we liked it, we would keep our
mouths shut and just accept the credit as if it was what we meant all along.
Received on Thu Mar 21 2002 - 02:53:52 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:01 MST