Re: [squid-users] Squid Multiple ACL from ScarEye on 2009-09-15 (squid-users)

From: ScarEye <scareye_at_gmail.com>
Date: Tue, 15 Sep 2009 18:57:03 -0700 (PDT)

Squid is installed on an embedded device, With 16MB of RAM and 8MB of PROM it
would fill up within a few seconds.

We have this one computer that needs access to 3 websites that I don't want
192.168.1.2-192.168.1.10 to have access to. The IP of that device will be
192.168.1.60 how would I create a seperate ACL for that device that won't
interfere with 192.168.1.2-192.168.1.10.

Thanks for your time

ScarEye

Amos Jeffries-2 wrote:
>
>
> So....
>
> On Tue, 15 Sep 2009 10:39:11 -0700 (PDT), ScarEye <scareye_at_gmail.com>
> wrote:
>> #Squid Config Stuff
>> cache_access_log none
>> cache_store_log none
>> cache_log /dev/null
>
> That log is where you find out what critical and important system errors
> are happening.
> So you as administrator can fix them.
>
>> cache_effective_user nobody
>> cache_dir null /dev/null
>> http_port 3128 transparent
>> pid_filename /var/run/squid.pid
>> visible_hostname router
>> # Supervisors With Unlimited Access
>> ## Match by MAC
>> acl supmac arp "/etc/mac.txt"
>> http_access allow supmac
>> http_reply_access allow supmac
>> ## Match By IP
>> acl supip src "/etc/supip.txt"
>> http_access allow supip
>> http_reply_access allow supip
>> # users
>> acl users src 192.168.1.2-192.168.1.10
>> acl allowedsites dstdomain "/etc/squid/acl/acl"
>> http_access allow allowedsites users
>> http_access deny !allowedsites users
>> deny_info http://www.my-site.com/ users
>> http_reply_access allow users
>> # Safe Ports
>> acl Safe_ports port 80 21 443 563 70 210 1025-65535
>> http_access deny !Safe_ports
>> # Not Safe Ports
>> acl Dangerous_ports port 7 9 19 22 23 25 53 109 110 119
>> http_access deny Dangerous_ports
>> # Anyone Not Already Matched
>> acl all src 0.0.0.0/0.0.0.0
>> http_access deny all
>>
>> So the above rules work perfectly, they do exactly I need for it to do.
>> Now,
>> what I need to do is the following.
>>
>> Add a rule to allow an IP 192.168.1.60 to look at a different acl. Like
>> acl2
>> or something.
>
> ... huh?
>
>
>
> Amos
>
>

-- 
View this message in context: http://www.nabble.com/Squid-Multiple-ACL-tp25458501p25464672.html
Sent from the Squid - Users mailing list archive at Nabble.com.

Received on Wed Sep 16 2009 - 01:57:06 MDT

This archive was generated by hypermail 2.2.0 : Wed Sep 16 2009 - 12:00:03 MDT