RE: [squid-users] ACL By IP not working

From: Mark Barlow <mark.barlow@dont-contact.us>
Date: Mon, 21 May 2007 11:19:38 +0100

OK another go.

Firstly, you do not need to explicitly allow certain lists, if you have an
all statement, it will pass anything that you have not restricted.
Secondly, on closer inspection, I notice that you have used "any" at the end
of your 2 acl's it should be "all".

Regards
 
Mark Barlow
 

-----Original Message-----
From: Yuan Yudistira [mailto:sabukhitam@gmail.com]
Sent: 21 May 2007 11:11
To: Mark Barlow
Subject: Re: [squid-users] ACL By IP not working

Thank you for your reply,
I have fixed according to your suggestion,
but there is no luck.

PC with IP address IT and ipWartawanHiburan still can not access movies
site.

Blocked by default rule?

Any idea?

Thanks in advance

YUAN

On 5/21/07, Mark Barlow <mark.barlow@freepower.co.uk> wrote:
> Not an expert in squidguard but I'll have a stab.
>
> Not sure if it matters, but all the examples I've seen have the first
curly
> bracket on the dest line, could be the e-mail adding a carriage return.
>
> In the acl for the ipWartawanHiburan I don't think that you can have 2
> separate IP addrsses on 1 line. You can select a range i.e.
> 192.168.0.1-192.168.0.10 with a hyphen or a network with an Ip address and
> netmask. If you are selecting 2 non sequential IP addresses, put them on
> separate lines, i.e.
> src ipWartawanHiburan {
> ip 172.20.21.102
> ip 172.20.21.76
> }
>
> The only other thing I can see assuming you have cut and paste from you
conf
> file is that you are missing a space on the acl line for IT at porn!music
>
> Regards
>
> Mark Barlow
>
> -----Original Message-----
> From: Yuan Yudistira [mailto:sabukhitam@gmail.com]
> Sent: 18 May 2007 16:45
> To: squid-users@squid-cache.org
> Subject: [squid-users] ACL By IP not working
>
> Hi
>
> I have the following ACL on squidGuard.conf
>
>
> # Destination lists
> # Addresses are relative to the db directory
> dest porn
> {
> domainlist blacklists/porn/domains
> urllist blacklists/porn/urls
> }
>
> dest music
> {
> domainlist blacklists/music/domains
> urllist blacklists/music/urls
> }
>
> dest movies
> {
> domainlist blacklists/movies/domains
> urllist blacklists/movies/urls
> }
>
> dest spyware
> {
> domainlist blacklists/spyware/domains
> urllist blacklists/spyware/urls
> }
>
> dest warez
> {
> domainlist blacklists/warez/domains
> urllist blacklists/warez/urls
> }
>
> dest redirector
> {
> domainlist blacklists/redirector/domains
> urllist blacklists/redirector/urls
> }
>
> dest adv
> {
> domainlist blacklists/adv/domains
> urllist blacklists/adv/urls
> }
>
> dest drugs
> {
> domainlist blacklists/drugs/domains
> urllist blacklists/drugs/urls
> }
>
> src ipWartawanHiburan {
> ip 172.20.21.102 172.20.21.76
> }
>
> src IT {
> ip 172.20.21.186
> }
>
> # Access Control
> acl
> {
> # During Business hours
> # Stop the embarassing stuff and speed up the connecti
>
> ipWartawanHiburan {
> pass movies !porn music !spyware !warez !redirector !adv
!drugs
> any
> }
>
> IT {
> pass movies porn!music spyware warez redirector !adv !drugs
> any
> }
>
> default {
> pass !porn !music !movies !spyware !warez !redirector
> !adv !drugs all
> redirect http://172.20.21.231/blokir/
> }
> }
>
> I want to set access to a certain IP
> ipWartawanHiburan can access movies,
>
> the above acl is not working.
> Please help
>
>
> Thanks
>
> YUAN
>
> --
Received on Mon May 21 2007 - 04:19:57 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT