On 7/8/05, Eganya Alfredo <eganyaalfredo@yahoo.es> wrote:
>
> internal sites:
> web.aza.cl
> mail.aza.cl
>
> external site:
> *.cl
> *.com
> *.net
>
> team free:
> 125.1.1.0/24
> can acces all the web(external sites)
>
> team blocked:
> 125.1.7.0/24
> just internal sites
>
# the dot before the domain names is important ( .google.com )
acl intsites dstdomain .aza.cl
acl extsites dstdom_regex \.cl$ \.com$ \.net$
acl freeteam src 125.1.1.0/24
acl blockteam src 125.1.7.0/24
http_access allow blockteam intsites
http_access deny blockteam !intsites
# if you do not want freeteam to access internal sites
# http_access deny freeteam intsites
http_access allow freeteam extsites
# and last rule deny all
http_access deny all
-----
I hope this solves your problem.
visolve has good documentation about squid ACLs
http://squid.visolve.com/squid/squid24s1/access_controls.htm#acl
-- Regards. Abu KhaledReceived on Fri Jul 08 2005 - 07:43:41 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Aug 01 2005 - 12:00:02 MDT