RE: [squid-users] Acl for blocking sites not working - what can i DO?

From: Abd-Ur-Razzaq Al-Haddad <Abdur.Alhaddad@dont-contact.us>
Date: Mon, 24 Sep 2007 14:35:35 +0100

Still not working.. how have you got it configured?

-----Original Message-----
From: Emiliano Vazquez [mailto:emilianovazquez@gmail.com]
Sent: 24 September 2007 1:54 PM
To: Abd-Ur-Razzaq Al-Haddad
Subject: Re: [squid-users] Acl for blocking sites not working - what can i DO?

You need to make another ACL and use this.

#### Blocking some http´s
acl block url_regex -i "/squid/etc/files/block"
http_access deny block ### (before your http_access allow lan)

The file /squid/etc/files/block contain this:
adaware.com
addaware.com
addriller.com
...
...
...
advancedsearchbar.com
...
etc

Next you need to reconfigure your squid

# squid -k reconfigure

Best Regards. Emiliano Vazquez.

----- Original Message -----
From: "Abd-Ur-Razzaq Al-Haddad" <Abdur.Alhaddad@carronenergy.com>
To: <squid-users@squid-cache.org>
Sent: Monday, September 24, 2007 9:29 AM
Subject: [squid-users] Acl for blocking sites not working - what can i DO?

> Hi all I've got 2.6 stable running on OpenSuse 10.2
> I can't seem to get the squid to use the internal acls to block
> sites/domains.. how can this be achived?
>
>
>
>
> Squid.conf
>
> #Recommended minimum configuration:
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> acl lcl src 192.168.0.0/16
> acl NTLMUsers proxy_auth REQUIRED
> acl blocksites urlpath_regex “/etc/squid/blocks.sites.acl”
>
> #Recommended minimum configuration:
> #
> # Only allow cachemgr access from localhost
> http_access allow manager localhost
> http_access deny manager
> # Deny requests to unknown ports
> http_access deny !Safe_ports
> # Deny CONNECT to other than SSL ports
> http_access deny CONNECT !SSL_ports
> #
> # We strongly recommend the following be uncommented to protect innocent
> # web applications running on the proxy server who think the only
> # one who can access services on "localhost" is a local user
> #http_access deny to_localhost
> #
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
>
> # Example rule allowing access from your local networks. Adapt
> # to list your (internal) IP networks from where browsing should
> # be allowed
> #acl our_networks src 192.168.1.0/24 192.168.2.0/24
> #http_access allow our_networks
> http_access allow localhost
> http_access deny blocksites
> http_access allow lcl NTLMUsers
>
> # And finally deny all other access to this proxy
> http_access deny all
>
>
> In the DENY_INFO SECTION******
> deny_info ERR_BLOCKED_SITES blocksites
>
>
>
>
>
> Abd-Ur-Razzaq Al-Haddad
> IT Analyst
>
>
> 9 Queen Street London W1J 5PE
>
> Tel: +44 (0)207 659 6620 Fax: +44 (0)207 659 6621
> Direct: +44 (0)207 659 6632 Mob: +44 (0)7738 787881
> abdur.alhaddad@carronenergy.com
>
>
>
>
>
>
> The information contained in this email or any of its attachments may be
> privileged or confidential and is intended for the exclusive use of the
> addressee. Any unauthorised use may be unlawful. If you received this
> email by mistake, please advise the sender immediately by using the reply
> facility in your email software and delete the email from your system.
>
> Carron Energy Limited. Registered Office 9 Queen Street, London W1J 5PE.
> Incorporated in England and Wales with company number 5150453
>
> ______________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email
> ______________________________________________________________________
>

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
Received on Mon Sep 24 2007 - 07:38:06 MDT

This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT