RE: [squid-users] deny all sites / allow some sites

From: <francisv@dont-contact.us>
Date: Thu, 5 Sep 2002 10:25:28 +0800

You forgot "dstdomain" in your first ACL. AFAIK, that's the "required"
format for Squid to match the domain.

-----Original Message-----
From: Ina Patricia Lopez [mailto:inapatricia@yahoo.com]
Sent: Thursday, September 05, 2002 10:11 AM
To: francisv@dagupan.com; squid-users@squid-cache.org
Subject: RE: [squid-users] deny all sites / allow some sites

so this will work:

acl allowed_sites dstdomain "/squid/etc/goodsites.txt"
                  ^^^^^^^^^
acl all_others dst 0.0.0.0/0.0.0.0

http_access allow allowed_sites
http_access deny all_others

where the contents of "squid/etc/goodsites.txt" are:
.hotmail.com
.yahoo.com
.mydomain.com

does the preceeding dot on a domain makes the whole domain available?

thanks,
ina patricia

--- francisv@dagupan.com wrote:
> You can also specify a source file if you want by using:
>
> acl allowed_sites {dst|dstdomain|dstdom_regex|url_regex)
> "/path/to/file"
>
> For example, to allow access to Yahoo! only:
>
> acl allowed_sites dstdomain .yahoo.com
> acl all_others dst 0.0.0.0/0.0.0.0
>
> http_access allow allowed_sites
> http_access deny all_others
>
> Just remember that "first match wins" -- if a condition matches a
> rule, that
> rule will be applied and the remainder of your rules will not be
> processed.
>
> -----Original Message-----
> From: francisv@dagupan.com [mailto:francisv@dagupan.com]
> Sent: Thursday, September 05, 2002 10:00 AM
> To: squid-users@squid-cache.org
> Subject: RE: [squid-users] deny all sites / allow some sites
>
> acl allowed_sites {dst|dstdomain|dstdom_regex|url_regex) <parameter>
> acl all_dst dst 0.0.0.0/0.0.0.0
>
> http_access allow allowed_sites
> http_access deny all_dst
>
> You can use dst (destination IP address/range), dstdomain
> (destination
> domain), dstdom_regex (destination domain using regular expression),
> or
> url_regex (URL using regular expression) to allow only the sites you
> wish
> your clients to access. The line "http_access deny all_dst" will
> effectively
> block all other sites.
>
> -----Original Message-----
> From: Ina Patricia Lopez [mailto:inapatricia@yahoo.com]
> Sent: Thursday, September 05, 2002 9:47 AM
> To: squid-user@squid-cache.org; squid-users@squid-cache.org
> Subject: [squid-users] deny all sites / allow some sites
>
> hi!
>
> how do i block all sites and then i have a list of sites
> that we only intend to go to?
>
> thanks,
> ina patricia

__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com
Received on Wed Sep 04 2002 - 20:21:53 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:06 MST