[squid-users] Composit ACL

Dear All,
I am new to Linux, but I have successfuly loaded Squid 2.6.STABLE 4 on Fedora 6
I am using NCSA authentication, chpasswd and sarg for reporting.

I want Squid to

1. Use NCSA authentication. (working fine)
2. Restrict users to download files with specific extentions (working fine)
3. Allow user 'xyz' to view our organisation site only ' www.xyz.co.in'
(not working - xyz is surfing all the other sites also. How to
restrict to one site only??)
4. Restrict other users to porn site (working fine)
5. Restrict users to use messengers (yet to check)
6. Allow user 'abc' to even download and user messenger. (confuse how
to write acl?)

Key portion of squid conf is as follows:

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
acl ncsa_users proxy_auth REQUIRED
acl user1 proxy_auth xyz
acl site dstdomain .xyz.co.in
acl reso src 172.16.251.0/255.255.255.0
acl restricted_files urlpath_regex -i ftp \.exe$ \.zip$ \.tar.gz$
\.gz$ \.rar$ \.mp3$ \.mp4$ \.avi$ \.mpeg$ \.mpg$ \.ram$ \.rm$ \.iso$
\.wav$ \.mov$ \.tar$ \.mdb$ \.dat$
acl msn url_regex -i gateway.dll
acl yahoo url_regex -i ^http://shttp.msg.yahoo.com
acl yahoo url_regex -i ^ http://pgq.yahoo.com
acl yahoo url_regex -i ^http://mtab.games.yahoo.com
acl yahoo url_regex -i ^ http://insider.msg.yahoo.com
acl yahoo url_regex -i ^ http://address.yahoo.com
acl yahoo url_regex -i ^http://insider.msg.yahoo.com/ycontent/?
acl yahoo url_regex -i ^http://us.il.yimg.com
acl porn url_regex "/etc/squid/porn.txt"
acl noporn url_regex "/etc/squid/noporn.txt"

http_access deny porn !noporn
http_access deny yahoo
http_access deny msn
http_access deny restricted_files
http_access allow ncsa_users
http_access allow user1 site
http_access allow reso

# And finally deny all other access to this proxy
http_access allow localhost
http_access deny all

can any body help me to edit my acl to get the desired output.

Regards

Arun Shrimali
Received on Fri Sep 14 2007 - 22:51:07 MDT