Actually squid.conf is not by far as complex as it looks.
The only two directives you need to consider for your access control
requirements is
acl to create lists of sites and/or users
http_access to allow/deny access based on the above acls.
Then insert the needed rules where instructed in suqid.conf (search for
YOUR OWN).
acl our_networks src 192.168.1.0/24 ...
acl allowed_sites dstdomain ...
http_access allow our_networks allowed_sites
is the only three lines you need to add for your access control needs
When you have a running suqid.conf I'd also strongly recommend to filter
out all the documentation comments. The "beast" gets much more
manageable that way. If you need to read the documentation you always
have squid.conf.default, and it is guaranteed to contain the
documentation of the actual version you have installed not only the
version you first configured...
The following perl command should strip down your squid.conf to only the
actual configuration directives:
perl -i.full -n -e 'print if /^[a-z]/' squid.conf
Then add a few comments explaining your own configuration changes.
Regards
Henrik
Rich Foster wrote:
> I am trying to set up a squid proxy to deny by default... any websites that
> need
> to be viewed by the company can then be added manually. The squid.conf file
> is a
> pretty complex looking beast and I don't want to bust anything before I even
> get the
> proxy off the ground... I was just wondering if anyone knew which are the
> main
> settings I am going to need to edit, and which I should definately leave
> alone.
>
> I don't want to have squid act as a cache, just allow or deny internet
> traffic based
> on final destination.
Received on Tue Nov 26 2002 - 08:24:42 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:34 MST