RE: [squid-users] http access

From: Joost de Heer <sanguis@dont-contact.us>
Date: Thu, 10 Feb 2005 12:22:38 +0100 (CET)

>> I however just cannot wrap my head around the
>> SQUID HOWTO that deals with this type of control.

> Check, the squid FAQ on access controls.

Don't blindly refer to the FAQ, but read first....

>Limit certain users or groups of users to accessing only certain sites that
>are preapproved by management. I however just cannot wrap my head around the
>SQUID HOWTO that deals with this type of control.

Steps:

- Make an auth_param authentication helper (I assume you already have this
running)

- Make an ACL for the special users, and an ACL for the special sites:

acl SPECIAL_USERS proxy_auth name1 name2 name3 [...]
acl SPECIAL_SITES dstdomain www.site1.com www.site2.com [...]

If the list is very long, you can use "/path/to/filename" instead of the
name/domain list. This file contains one name/domain per line.

- Then use

http_access allow SPECIAL_USERS SPECIAL_SITES
http_access deny SPECIAL_USERS

This will allow the special users to access the special sites, but the
rest is denied.

Joost
Received on Thu Feb 10 2005 - 04:19:21 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST