[squid-users] SQUID- ACL for different time frame for different block of IP addresses.

From: thomas <thomas.xavier@dont-contact.us>
Date: Tue, 8 Feb 2005 22:46:10 +0530

Dear All
Requirement has arisen to provide access to a group of machine
categorized based on IP address.

ACL created is as follows:-

acl fulltime_ip 10.10.10.40-10.10.10.254
acl slot1_ip src 10.10.10.25 10.10.10.30 10.10.10.35
acl slot1_time time 08:00-10:00
acl slot2_ip src 10.10.10.39 10.10.10.40 10.10.10.41
acl slot2_time time 10:00-12:00
acl CONNECT method CONNECT
acl ncsa_users proxy_auth REQUIRED

HTTP_ACCESS statements are as follows:-

http_access allow localhost
http_access allow ncsa_users
http_access allow slot1_ip slot1_time
http_access allow slot2_ip slot2_time
http_access allow fulltime_ip
http_access allow Safe_ports
http_reply_access allow all
icp_access allow all
miss_access allow all
http_access allow SSL_ports
http_access deny all

Q1= With above ACL and http_access, machines are not getting denied
though they are supposed to be denied apart from their specified time
slot.

Q2= Is the http_access sequence OK? If not what should be?

Q3= Please suggest better way of doing the same?

Q4= Similar to http_access sequence, should I have to take care of acl
statement sequence too?

TIA
Received on Tue Feb 08 2005 - 10:16:17 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:01 MST