Re: [squid-users] Squid ACL

From: <Arno.STREULI@dont-contact.us>
Date: Mon, 17 May 2004 15:02:05 +0200

Your first ACL allow full access from local network (192.168.1.0/24) if
your user arre inthis range squid will never go furher on the ACL check.
Move the first line at the end. So squid will proceed your deny first.

Ragards,

Arno

                                                                                                                                      
                      Skarbet
                      <tgx874sah@yahoo. To: squid-users@squid-cache.org
                      fr> cc:
                                               Subject: [squid-users] Squid ACL
                      17.05.04 14:36
                                                                                                                                      
                                                                                                                                      

Hi,
i'm using squid2.4stable7 and trying to stop user from
downloading large file and access some server.this is
my ACL:

#My Access List
acl limit_conn src 192.168.1.0/24
acl 6conn maxconn 6
acl post method post
acl exe urlpath_regex -i \.exe$
acl local src 192.168.1.0/24
acl download dstdomain .download.com
acl telecharger dstdomain .telecharger.com
acl multimedia urlpath_regex -i \.mp3$ \.mpg$ \.mpeg$
\.rm$ \.avi$ \.asf$ \.wma$ \.wav$ \.wmv$ \.ogg$
\.midi$ \.mov$ \.movie$
acl application urlpath_regex -i \.zip$ \.rar$ \.gz$
\.tgz$ \.bz2$ \.msi$ \.bin$ \.tar$ \.com$
#END My Access List

#My Rules
http_access allow local
http_access deny 6conn limit_conn
http_access deny download
http_access deny telecharger
http_access deny exe !post
http_access deny multimedia
http_access deny application
#END MY RULES

but this does not work !!!!!!!!!!!!!!!!!!! can u show
me what's wrong ?

Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/

Dialoguez en direct avec vos amis grâce à Yahoo! Messenger !Téléchargez
Yahoo! Messenger sur http://fr.messenger.yahoo.com

******************************************************************
DISCLAIMER - E-MAIL
-------------------
The information contained in this E-Mail is intended for the named
recipient(s). It may contain certain privileged and confidential
information, or information which is otherwise protected from
disclosure. If you are not the intended recipient, you must not
copy,distribute or take any action in reliance on this information
******************************************************************
Received on Mon May 17 2004 - 07:02:14 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT