Re: [squid-users] blocking all destination domain except "www.bloomberg.com" and "www.bloomberg.de" .

From: Ilker Gokhan <ilker.gokhan@dont-contact.us>
Date: Mon, 03 Feb 2003 14:46:01 +0200

Prabu Subroto wrote:
> But why does my squid still not block the user
> "sales"?
> The "sales" user can still visit the sites out of
> "www.bloomberg.de" and "www.bloomberg.com" ?
>

It is nature according to your following lines. :)

> #Recommended minimum configuration:
> acl all src 0.0.0.0/0.0.0.0
> acl sales src 192.168.23.240-192.168.23.254/32
> acl AllDomain dst 0.0.0.0/0.0.0.0
> acl AllowedDomain dstdomain .bloomberg.com
> .bloomberg.de
> # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM
> YOUR CLIENTS
> #
> # And finally deny all other access to this proxy
> http_access allow localhost
> acl password proxy_auth REQUIRED
> #http_access allow all

if you say this first (i mean http_access allow password), all people
who has got password can surf even if he/she is a member of sales. Try
this "password" line move to bottom of the access lines.

> http_access allow sales AllowedDomain
> http_access deny sales AllDomain

> http_access allow password

Best regards,
Ilker G.
Received on Mon Feb 03 2003 - 05:47:22 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:13 MST