Re: [squid-users] acl to allow sites on SQL or LDAP

From: Eliezer Croitoru <>
Date: Fri, 06 Jul 2012 04:48:37 +0300

On 7/4/2012 5:37 PM, Marcio Merlone wrote:
> Hi all,
> I am administering 3 squid 3.0.STABLE19-1ubuntu0.2 proxies on 3
> different sites, and managed to read group membership on LDAP using
> external_acl_type and squid_ldap_group without a problem. The last bit I
> need to make this a dream proxy cluster is also store the allowed sites
> on LDAP (preferably).
> I searched the net for something like this, but all I get is about user
> auth, nothing regarding allowed sites list. Can someone help me find the
> way for that, if any?
> Thanks in advance and best regards.
i added some new features and changed some methods in the server:

added method to redirect using 302 redirection in case you dont want to
just rewrite the url.
also added cache module as a preparation to move from my greasyspoon to
Echelod only mode.

added matching dstdomain squid like acl using mysql db as storage for
the dstdomains.

#can block spyware\porn\proxy\others
added matching squidguard blacklists domains acl using mysql db as
storage for the list of domains.

i will post later some more info on how to use etc.

if you have only couple groups in the meanwhile we can use icap request
urls and ldap external_acl to match the group and the access to specific
namespace and for each one of the groups maintain separate block acl table.


Eliezer Croitoru
IT consulting for Nonprofit organizations
eliezer <at>
Received on Fri Jul 06 2012 - 01:48:45 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 06 2012 - 12:00:01 MDT