Re: [squid-users] Http access control

From: newbie <trykde@dont-contact.us>
Date: Mon, 11 Mar 2002 00:14:23 -0500

My guess:

1. duplicated acl names (allowed_hosts)
2. wrong netmask
3. didn't end with "deny"

Here is my try:

acl all_hosts src 0.0.0.0/0.0.0.0
acl allowed_host1 src 192.168.0.4/255.255.255.255
acl allowed_host2 src 192.168.0.20/255.255.255.255

http_access allow allowed_host1
http_access allow allowed_host2
http_access deny all_hosts

Hope this works,

-newbie

Su - wrote:
> Hi
> I using Squid v2.3. Now i like to control only certain
> PCs, eg. PC with Ip Address of 192.168.0.4 ,
> 192.168.0.20 are allowed to access Internet. My
> network IP address is from 192.168.0.1 -> 192.168.0.50
> , Subnet 255.255.255.0
>
> How can i do so ?
>
> I tried this way :
>
> #acl allowed_hosts src 192.168.0.0/255.255.255.0
> acl allowed_hosts src 192.168.0.4/255.255.255.0
> acl allowed_hosts src 192.168.0.20/255.255.255.0
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
> http_access allow allowed_hosts
> #http_access allow manager localhost
> #http_access deny manager
> http_access allow !Safe_ports
> http_access allow CONNECT !SSL_ports
>
> But when i test , still all PCs able to do so. The
> result i got, is either deny all PCs, or allow all
> pCs.
>
> Please advice
>
> TQ
> regards
> Su
Received on Sun Mar 10 2002 - 22:10:38 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:49 MST