[SQU] Complex http access setup problem from Mark Worsdall on 2000-10-12 (squid-users)

From: Mark Worsdall <squid@dont-contact.us>
Date: Thu, 12 Oct 2000 18:24:23 +0100

Hi,

I have a complicated acl access setup to achieve the following
scenario:-

1 No access to the Internet at weekends
2 Access between 9am-1pm & 2pm-4:30pm weekdays with auth
3 Access between 4:30-6:30pm Thurdays with auth
4 Access between 4:30-6:30pm wordDays from machine 10.1.129.15 with auth
5 All other times, access is denied

All works apart from 4 and 5, I think it is an http_access order
problem, The IT club is being denied access on Thursday nights and the
resource machine has the same problem.

I hope someone can help me out.

Here are my rules:-

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl CONNECT method CONNECT
acl deniedsites url_regex "/usr/local/etc/squid/squid-deny.txt"
acl allowedsites url_regex "/usr/local/etc/squid/squid-allow.txt"
acl porn url_regex "/usr/local/etc/squid/porn.block.txt"
acl noporn url_regex "/usr/local/etc/squid/porn.unblock.txt"

acl structuredTime time MTWHF 09:00-16:30
acl itclubTime time H 16:30-18:40
acl resourceTime time MTWHF 16:30-18:30
acl nunneym src 10.1.129.15
acl weTime time AS 00:00-23:59
acl amTime time MTWHF 00:00-08:59
acl pmTime time MTWHF 16:30-23:59
acl midTime time MTWHF 13:00-13:59
acl password proxy_auth 300

http_access allow manager localhost
http_access allow manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
http_access deny deniedsites
http_access allow allowedsites
http_access allow password
http_access deny amTime
http_access deny pmTime
http_access deny weTime
http_access deny midTime
http_access allow structuredTime
http_access allow itclubTime
http_access allow resourceTime nunneym
http_access allow noporn all
http_access deny porn
http_access allow all

-- 
He came from Econet - Oh no, I've run out of underpants :(
Home:- jaydee@wizdom.org.uk       http://www.wizdom.org.uk
Shadow:- webmaster@shadow.org.uk  http://www.shadow.org.uk
Work:- netman@hinwick.demon.co.uk http://www.hinwick.demon.co.uk
Web site Monitoring:-             http://www.shadow.org.uk/SiteSight/
--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

Received on Thu Oct 12 2000 - 11:27:23 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:44 MST