Re: [squid-users] Access list of sites after password is given

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 14 Aug 2002 13:58:23 +0200

TSIOLAS KOSTAS wrote:
> hi there,
> i want to create a special acl policy about my clients.
> All clients can access almost everything but i want some of them to give
> them totally access to everything.
> Those who have access to everything when they want to visit for example
> www.example.com (list of sites i dont want everyone to access)
> to give a password to continue.
> Can this be done? I use Squid 2.4.

Sure. Just remember that http_access is a ordered list of rules. The first
http_access that completely matches the request determines if it is to be
allowed or denied.

See the Squid FAQ on how to set up authentication. Then configure Squid like
this

acl my_networks src .....
acl restricted_sites dstdomain www.example.com ...
acl vip_users proxy_auth ...

http_access deny !my_networks
http_access allow restricted_sites vip_users
http_access deny restricted_sites
http_access allow my_networks
http_access deny all

or alternatively

http_access deny !my_networks
http_access allow my_networks !restricted_sites
http_access allow restricted_sites vip_users
http_access deny all

(a number of other setups is also possible)
Received on Wed Aug 14 2002 - 05:58:32 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:37 MST