Re: [squid-users] ACLs based on Time and LDAP groups

Hello everybody,

I finally tracked down the problem. I have installed the NTP server daemon
on the server running squid. Due to some bug in RH 7.3, the NTP daemon sets
the local time zone to UTC. Our time zone is IST, 5 1/2 hours ahead of UTC.

So, acl permit_lunchtime time MTWHFA 14:30-15:00 was actually in UTC
translated to 20.00 - 20.30 in IST. I corrected the problem by changing the
acl to 09.00-09.30.(UTC again) Now, it works fine.

Moral of the story - Never put the NTPD daemon on a server using local time
for anything. I feel like an ass, but anyways thanks everybody for your
suppport :-)

Regards,
Michael Fuller

----- Original Message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: "Michael Fuller / Hotmail" <fullerms@hotmail.com>
Cc: <squid-users@squid-cache.org>
Sent: Wednesday, November 27, 2002 5:02 PM
Subject: Re: [squid-users] ACLs based on Time and LDAP groups

> I see no reason why your time ACL should not work.
>
> Is there any errors reported by "squid -k parse"?
>
> Regards
> Henrik
>
> Michael Fuller / Hotmail wrote:
> >
> > Hello all,
> >
> > I am trying to construct an acl which will permit members of LDAP group
> > "lunchbrowsers" to browse only during specific times of the day, Monday
to
> > Friday. I have not been sussesful so far.
> >
> > These are my acls:
> >
> > acl permit_lunchtime time MTWHFA 14:30-15:00
> > acl ldap_lunchbrowse external ldapgroup lunchbrowsers
> >
> > http_access allow ldap_lunchbrowse permit_lunchtime
> >
> > This is not working and the users NEVER get acess :-(
> >
> > If I construct an http_access line like this;
> >
> > http_access allow ldap_lunchbrowse ---- The user gets access, and
of
> > course without any restrictions.
> >
> > How do I restrict these users to the specified times ?
> >
> > Please help
> >
> > Regards,
> > Michael Fuller
>
Received on Wed Nov 27 2002 - 21:55:18 MST