Re: [squid-users] configuring acl for blocking (URLs and IPs/Subnets)

From: Amos Jeffries <>
Date: Tue, 15 Oct 2013 17:14:03 +1300

On 15/10/2013 4:59 p.m., Sachin Gupta wrote:
> Hi All,
> I have setup a list of URLs and IPs dumped into a file which need to
> be blocked.
> acl is setup as per documentation:


> However, upon testing, the IPs are not getting blocked. Also there are
> some subnets in the same file. Those are also not getting blocked.
> Is there a special handling required here? or this approach is
> incorrect for blocking IPs or subnets?

Based on the description I guess you have one file witha mix of things
to block on.
You need the file to be separated into different sets of properties.

For example:
  * one list of IPs
  * one list of domains
  * one list of full-URL regex patterns
  * one list of path-only regex patterns

Each set needs to be configured as a different ACL name and type
defining what property of the transation is to be tested against the
values listed in that set.
Then the http_access controls designed to test the ACLs and determine
whetherit gets allowed/denied when the ACL matches.

More details can be found at

Received on Tue Oct 15 2013 - 04:14:13 MDT

This archive was generated by hypermail 2.2.0 : Tue Oct 15 2013 - 12:00:05 MDT