[squid-users] Problems with different kinds of access

From: Rafael Bayona <linuxquestions@dont-contact.us>
Date: Wed, 27 Mar 2002 16:58:52 -0500

Hi, I'm trying to create different groups of users, each of one is
authorized to access (better: not to access) several pages. Authentication
works fine, and restrictions are working for some leves, but the problem is
that it's not working perfect. For example, level 5 (nivel5), which is
supossed to access everything without restrictions, have problems accessing
some pages, and level 2 (nivel2) is able to see porn (listed in the file),
and that's not the idea.

The file "porn" contains a large list of porn sites. "correo" a list of
common webmail servers, "msn" and "ymsn" words related to servers of Yahoo
messenger or MSN, and "basura" a list of websites where you usually waste
your time.

What is wrong here? What am I missing?

Thanks for your help,

Rafael

My squid.conf:

acl all src 0.0.0.0/0.0.0.0
acl nivel1 proxy_auth "/etc/squid/usuarios/nivel1"
acl nivel2 proxy_auth "/etc/squid/usuarios/nivel2"
acl nivel3 proxy_auth "/etc/squid/usuarios/nivel3"
acl nivel4 proxy_auth "/etc/squid/usuarios/nivel4"
acl nivel5 proxy_auth "/etc/squid/usuarios/nivel5"
acl porno url_regex -i "/etc/squid/usuarios/porno"
acl intranet dstdomain www.setecsa.com 195.69.0.44
acl msn url_regex -i "/etc/squid/usuarios/msn"
acl correo url_regex -i "/etc/squid/usuarios/correo"
acl ymsn url_regex -i "/etc/squid/usuarios/ymsn"
acl noftp protocol FTP
acl basura url_regex -i "/etc/squid/usuarios/basura"
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535 81
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow nivel1 intranet
http_access allow nivel2 !porno !msn !ymsn !basura !noftp !correo
http_access allow nivel3 !porno !msn !ymsn !basura !noftp
http_access allow nivel4 !porno !noftp
http_access allow nivel5
http_access deny all
miss_access allow all
http_port 3128
Received on Wed Mar 27 2002 - 14:55:15 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:08 MST