So after digging around, it looks like squidguard cant do this...such a
bummer...this would have been a huge win for me if it could have. I
found this old thread form 2002 that wants to do exactly what I want
http://marc2.theaimsgroup.com/?l=squidguard&m=102551619718278&w=2
So now my question is, can squid do this?
What can I do to achive this?
So again, basically I need to have 2 groups, one that denys everything
except an instant messaging url list, and another that denys everything
except webmail url list. However, a single person could be part of both
of those lists.
How are other people using squid to do content filtering with a more
details blacklist setup?
- Nick
-----Original Message-----
From: Nick Duda
Sent: Wednesday, October 11, 2006 4:47 PM
To: Henrik Nordstrom
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Need help with a unique squidGuard setup
No go. The first part has to be a source, and webmail is not a source,
it's a destination.
I tried the following with still no go. Without adding ! Statements on
each ACL pass rule then allows full access....what I need is like below,
but for it to start with the first ACL "CanUseWebmail" and if part of
that source group, apply that ACL, then move on to the next. The final
step resulting in the default rule which blocks all the bad stuff and if
nothing gets tagged as bad, does the "all" function. I hope I am
explaining this correctly...i'm in a tight jamn here.
acl {
CanUseWebmail {
pass mail webmail
redirect
http://localhost/errors/aclerror.php?clientaddr=%a&clientname=%n&clientu
ser=%i&clientgroup=%s&url=%u&targetgroup=%t
}
CanUseInstantMessaging {
pass instantmessaging
redirect
http://localhost/errors/aclerror.php?clientaddr=%a&clientname=%n&clientu
ser=%i&clientgroup=%s&url=%u&targetgroup=%t
}
default {
pass !ads !adult !aggressive !antispyware !artnudes !banking
!beerliquorinfo !beerliquorsale !cellphones !chat !childcare !clothing
!culinary !customblocked !dating !dialers !drugs !ecommerce
!frencheducation !gambling !government !hacking !homerepair
!instantmessaging !jewelry !jobsearch !kidstimewasting !mail !naturism
!onlineauctions !onlinegames !onlinepayment !personalfinance !phishing
!porn !proxy !radio !religion !ringtones !sexuality !spyware !vacation
!violence !virusinfected !warez !weapons !webmail all }
- Nick
-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Sent: Wednesday, October 11, 2006 4:14 PM
To: Nick Duda
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Need help with a unique squidGuard setup
ons 2006-10-11 klockan 15:57 -0400 skrev Nick Duda:
> acl {
> CanUseWebmail {
> pass mail webmail !instantmessaging all
> redirect
> http://localhost/errors/aclerror.php?clientaddr=%a&clientname=%n&clien
> tu ser=%i&clientgroup=%s&url=%u&targetgroup=%t
> }
I think you need to switch the logics around here..
webmail {
pass CanUseWebmail
redirect ...
}
and similarly for the other destination groups. This changes the
configuration from restricting what sites each group of users may access
to restricting which users may access each group of sites, making it
easier to build permissive rules where the allowed access is the sum of
all rights.
Regards
Henrik
---------------------
Confidentiality note
The information in this email and any attachment may contain
confidential and proprietary information of VistaPrint and/or its
affiliates and may be privileged or otherwise protected from disclosure.
If you are not the intended recipient, you are hereby notified that any
review, reliance or distribution by others or forwarding without express
permission is strictly prohibited and may cause liability. In case you
have received this message due to an error in transmission, please
notify the sender immediately and delete this email and any attachment
from your system.
---------------------
---------------------
Confidentiality note
The information in this email and any attachment may contain confidential and proprietary information of VistaPrint and/or its affiliates and may be privileged or otherwise protected from disclosure. If you are not the intended recipient, you are hereby notified that any review, reliance or distribution by others or forwarding without express permission is strictly prohibited and may cause liability. In case you have received this message due to an error in transmission, please notify the sender immediately and delete this email and any attachment from your system.
---------------------
Received on Thu Oct 12 2006 - 06:37:02 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST