Hi!
On Thu, Feb 5, 2009 at 10:02 PM, jjrowan <squid_user_at_rownetco.com> wrote:
> A customer has a problematic employee that spends excessive time on
> Facebook, Myspace and FoxSports. They are willing to let him access these
> sites before and after work and during lunch but during office hours they
> want him and others restricted from these sites. I found examples but they
> either entirely block access or nothing, they don't do anything based on
> time. I want to allow the user to get to the sites on their time but
> restrict them during work. I don't know why these don't work.
> acl baduser src 192.168.1.3
> acl early time 05:00-08:29
> acl morning time 08:30-11:59
> acl lunch time 12:00-12:30
> acl afternoon time 12:31-16:30
> acl afterwork time 16:31-23:59
>
> acl bad_url dstdomain "/etc/squid/bad-sites.squid"
>
> http_access allow baduser early lunch afterwork bad_url
yike... that will never apply: baduser AND early (05:00-08:29) AND
lunch (12:00-12:30) AND afterwork (16:31-23:59). so, you are asking
that the time is simultaneously on three, non-overlapping, periods of
time.
Try this:
acl baduser src 192.168.1.3
acl user_time time 05:00-08:29
acl morning time 08:30-11:59
acl user_time time 12:00-12:30
acl afternoon time 12:31-16:30
acl user_time time 16:31-23:59
acl bad_url dstdomain "/etc/squid/bad-sites.squid"
http_access allow baduser user_time bad_url
as for the deny, you solve it as a homework. Btw, there is an even
simplier way.
> http_access deny baduser morning bad_url
> http_access deny baduser afternoon bad_url
>
>
> Contents of /etc/squid/bad-sites.squid
> .myspace.com
> .facebook.com
> .foxsports.com
>
>
Received on Thu Feb 05 2009 - 02:56:24 MST
This archive was generated by hypermail 2.2.0 : Thu Feb 05 2009 - 12:00:01 MST