[squid-users] Allow msn messenger but no porn

From: Mario Maradiaga <mario.maradiaga@dont-contact.us>
Date: Wed, 09 Feb 2005 17:11:56 -0600

Hi everyone,

 This is my first e-mail to the list and I hope you can help. I`m
running the lates squid stable on a Red Hat 7.3, the problem I have is
the following:

Everyone of the computers in the office except for the IT oneīs access
the Internet with ncsa authentication. The following acl takes care of
all the ipīs inside the office, acl office src "/etc/squid/etc/work", I
have a respective acl to ban porn, acl porn url_regex
"/etc/squid/etc/nosex", and a respective acl to block msn, acl msn
req_mime_type -i ^application/x-msn-messenger$.

The http_access looks kinda like this:
http_access deny paginas
....some other acl's
http_access deny msn
....some other acl's
http_access allow office password

Like I said the IT pcīs are not included on the squid configuration file
because they're doing NAT directly through the firewall.
I am now required to allow acces to the msn messenger only on one PC,
the sales manager PC, but I donīt know how to give msn access to it
without allowing it to view porn. Hereīs what I tried: I added the ip to
the NAT table on my firewall and removed it from the office ip list
requiring password but left the Internet Explorer on the pc still
configured to access internet via squid, this way I think he will be
able to access msn but still be affected by the aclīs on squid thus
blocking the porn sites. But it didn`t work.
Any ideas are welcome or point out anything I left out.

Thanx,

Mario Maradiaga
Received on Wed Feb 09 2005 - 16:11:58 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST