[squid-users] Are these acl / http_access correct ?

From: danifty <danifty_at_gmail.com>
Date: Tue, 21 Jul 2009 07:16:36 -0700 (PDT)

Hi all,

I'm fairly new to squid, and I'm trying to configure it for filtering web
access from multiple vlans, allowing some of them to go to some destinations
(and nowhere else), and others... to go to other destinations, etc. All
other vlans are allowed to go everywhere (I hope this is clear... I'm
French... sorry! :-))

Here is how I think it can be done... but I have doubts. Could you please tell me
if this is good, and if not, could you explain to me what to do to have a
correct filtering configuration?

Thanks a lot!

################################################
### SOURCES ###
# [VLAN 1]
acl src_vlan_1 src 192.168.1.0/24

# [VLAN 2]
acl src_vlan_2 src 192.168.2.0/24

# [All VLANs]
acl all src all

################################################

### DESTINATIONS ###
# [VLAN 1]
acl dst_VLAN1_SITES dstdomain .google.fr .yahoo.com

# [VLAN 2]
acl dst_VLAN2_SITES dstdomain .voila.fr .altavista.com

# [All destinations]
acl ALL_INTERNET dst 0.0.0.0/32

################################################

### AUTHORIZATIONS ###

# VLAN 1
http_access allow dst_VLAN1_SITES src_vlan_1
http_access deny src_vlan_1 ALL_INTERNET

# VLAN 2
http_access allow dst_VLAN2_SITE_CLIENT src_vlan_2
http_access deny src_vlan_2 ALL_INTERNET

http_access allow all ALL_INTERNET

Received on Tue Jul 21 2009 - 14:16:45 MDT
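
An added example, not part of the original message: a small Python model of how Squid evaluates the posted http_access lines (the first matching line wins, ACLs named on one line are ANDed, and when no line matches the opposite of the last line's action applies). The function names, the RENAMED and WIDENED variants and the sample request are constructed for illustration; destination IPs are passed in directly instead of being resolved, and only IPv4 is modelled.

```python
import ipaddress

# ACLs and http_access lines transcribed from the post above.
ACLS = {
    "src_vlan_1": ("src", ["192.168.1.0/24"]),
    "src_vlan_2": ("src", ["192.168.2.0/24"]),
    "all": ("src", ["0.0.0.0/0"]),  # stands in for "src all" (IPv4 only here)
    "dst_VLAN1_SITES": ("dstdomain", [".google.fr", ".yahoo.com"]),
    "dst_VLAN2_SITES": ("dstdomain", [".voila.fr", ".altavista.com"]),
    "ALL_INTERNET": ("dst", ["0.0.0.0/32"]),
}
RULES = [
    ("allow", ["dst_VLAN1_SITES", "src_vlan_1"]),
    ("deny", ["src_vlan_1", "ALL_INTERNET"]),
    ("allow", ["dst_VLAN2_SITE_CLIENT", "src_vlan_2"]),
    ("deny", ["src_vlan_2", "ALL_INTERNET"]),
    ("allow", ["all", "ALL_INTERNET"]),
]

def undefined_acls(rules, acls):
    """ACL names used on http_access lines that no acl line defines."""
    return sorted({n for _, names in rules for n in names if n not in acls})

def acl_matches(name, acls, src_ip, host, dst_ip):
    kind, values = acls[name]
    if kind == "dstdomain":  # ".google.fr" matches google.fr and its subdomains
        return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
                   for v in values)
    ip = ipaddress.ip_address(src_ip if kind == "src" else dst_ip)
    return any(ip in ipaddress.ip_network(v) for v in values)

def decide(rules, acls, src_ip, host, dst_ip):
    """First matching line wins; every ACL named on a line must match (AND)."""
    missing = undefined_acls(rules, acls)
    if missing:  # this sketch refuses to guess how Squid treats such a line
        raise ValueError(f"undefined ACL(s): {missing}")
    for action, names in rules:
        if all(acl_matches(n, acls, src_ip, host, dst_ip) for n in names):
            return action
    # No line matched: Squid applies the opposite of the last line's action.
    return "deny" if rules[-1][0] == "allow" else "allow"

# Same rules with only the ACL name on the VLAN 2 allow line made to match.
RENAMED = [(a, ["dst_VLAN2_SITES" if n == "dst_VLAN2_SITE_CLIENT" else n for n in ns])
           for a, ns in RULES]
# Same ACLs with ALL_INTERNET widened to every IPv4 destination.
WIDENED = {**ACLS, "ALL_INTERNET": ("dst", ["0.0.0.0/0"])}

if __name__ == "__main__":
    req = ("192.168.3.10", "example.org", "203.0.113.7")  # constructed request
    print(undefined_acls(RULES, ACLS))
    print(decide(RENAMED, ACLS, *req), decide(RENAMED, WIDENED, *req))
```

Run against the posted values, the model reports that `dst_VLAN2_SITE_CLIENT` is never defined, and that `ALL_INTERNET` written as `0.0.0.0/32` covers only the single address 0.0.0.0, so a request from any other VLAN matches no line and falls to the default deny. With the mask widened to `/0`, the same request is allowed while VLAN 1 and VLAN 2 stay limited to their own site lists.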
