On Thursday 05 January 2006 01:09, Dustin wrote:
> I need to give limited access to a few web sites to one group, then
> denying access to all else for that group. Another group will have
> full internet access.
You don't explain which group is supposed to do what. So I'll guess.
> From the faq, it seems as though this config
> should work, but it doesn't:
>
> acl localnet proxy_auth REQUIRED src 10.100.3.0/24
This ACL is invalid (I wonder why Squid didn't complain). Either it's
acl localnet proxy_auth REQUIRED
or
acl localnet src 10.100.3.0/24
> acl Full_InetAllow external win_domain_group Web_access_full
> http_access allow Full_InetAllow
>
> acl de_urls dstdomain .fedex.com
> acl de_InetAllow external win_domain_group Web_access_dataentry
> http_access allow de_InetAllow de_urls
>
> When I tried the following, squid would not start:
Why not? Which errors occur?
> acl de_urls dstdomain .fedex.com .ups.com
> acl de_InetAllow external win_domain_group Web_access_dataentry
> http_access allow de_InetAllow de_urls
> http_access deny all
This would mean you allow access to the de_urls for members of the
Web_access_dataentry group. Everyone else is denied access.
Perhaps you can clarify.
Christoph
-- Never trust a system administrator who wears a tie and suit.Received on Thu Jan 05 2006 - 06:02:41 MST
This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST