Re: [squid-users] ACL Website Banning doesn't work

From: Emilio Casbas <ecasbas@dont-contact.us>
Date: Wed, 10 May 2006 08:45:15 +0200

mark_brimblecombe wrote:
> G'Day All,
>
> I was woundering if someone could tell me what I'm doing
> wrong with my squid.conf file. I have enabled
> authentication against the proxy and all seems to work well.
> However when I try to block websites it just
> ignores my list and lets everything through. Is it the way I
> have setup proxy passwords ? Many thanks in advance
>
> Mark
>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl Safe_ports port 280
> acl Safe_ports port 488
> acl Safe_ports port 591
> acl Safe_ports port 777
> #acl Safe_ports port 8080
> acl CONNECT method CONNECT
>
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow password
>
> acl lan src 192.168.0.0/255.255.255.0
> acl lan1 src 192.168.1.0/255.255.255.0
> acl lan2 src 192.168.2.0/255.255.255.0
> acl lan3 src 192.168.3.0/255.255.255.0
>
> acl restricted_sites url_regex -i myspace.com
> acl restricted_sites url_regex -i schoolies.com
> acl restricted_sites url_regex -i
> killjeeseday.freewebpage.org/lol.html
> acl restricted_sites url_regex -i earth.google.com
> acl restircted_sites url_regex -i
> kh.google.com/download/earth/index.html
> acl restricted_sites url_regex -i 211.27.149.18/webbook
> acl restricted_sites url_regex -i maps.google.com
> acl restricted_sites url_regex -i runescape.com
> acl restricted_sites url_regex -i runehq.com
>
> acl user_passwords proxy_auth REQUIRED
>
here you are configured the proxy auth, but where is you using..?
> http_access deny !restricted_sites lan
> http_access deny !restricted_sites lan1
> http_access deny !restricted_sites lan2
> http_access deny !restricted_sites lan3
>
here you are let everything who isnīt in restricted_sites (all sites).
try

http_access allow !restricted_sites lan
or
http_access deny restricted_sites lan

Thanks
Emilio C.

> http_access deny all
> --------------------------------------
> This Email Was brought to you by
> WebMail
> A Netwin Web Based EMail Client
> http://netwinsite.com/webmail/tag.htm
>
>
Received on Wed May 10 2006 - 00:45:32 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT