Hi,
I have a complicated acl access setup to achieve the following
scenario:-
1 No access to the Internet at weekends
2 Access between 9am-1pm & 2pm-4:30pm weekdays with auth
3 Access between 4:30-6:30pm Thurdays with auth
4 Access between 4:30-6:30pm wordDays from machine 10.1.129.15 with auth
5 All other times, access is denied
All works apart from 4 and 5, I think it is an http_access order
problem, The IT club is being denied access on Thursday nights and the
resource machine has the same problem.
I hope someone can help me out.
Here are my rules:-
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl CONNECT method CONNECT
acl deniedsites url_regex "/usr/local/etc/squid/squid-deny.txt"
acl allowedsites url_regex "/usr/local/etc/squid/squid-allow.txt"
acl porn url_regex "/usr/local/etc/squid/porn.block.txt"
acl noporn url_regex "/usr/local/etc/squid/porn.unblock.txt"
acl structuredTime time MTWHF 09:00-16:30
acl itclubTime time H 16:30-18:40
acl resourceTime time MTWHF 16:30-18:30
acl nunneym src 10.1.129.15
acl weTime time AS 00:00-23:59
acl amTime time MTWHF 00:00-08:59
acl pmTime time MTWHF 16:30-23:59
acl midTime time MTWHF 13:00-13:59
acl password proxy_auth 300
http_access allow manager localhost
http_access allow manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
http_access deny deniedsites
http_access allow allowedsites
http_access allow password
http_access deny amTime
http_access deny pmTime
http_access deny weTime
http_access deny midTime
http_access allow structuredTime
http_access allow itclubTime
http_access allow resourceTime nunneym
http_access allow noporn all
http_access deny porn
http_access allow all
-- He came from Econet - Oh no, I've run out of underpants :( Home:- jaydee@wizdom.org.uk http://www.wizdom.org.uk Shadow:- webmaster@shadow.org.uk http://www.shadow.org.uk Work:- netman@hinwick.demon.co.uk http://www.hinwick.demon.co.uk Web site Monitoring:- http://www.shadow.org.uk/SiteSight/ -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Thu Oct 12 2000 - 11:27:23 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:44 MST