Hi all
I want to block site over my network, but i'm unable to do it...
1)google chat
The simple acl said that it would be be blocked throgh acl statements,
But that never helped me, finally i took the help of host file and solve the
problem.
I edited a host file, made a following entry
127.0.0.1 chatenabled.mail.google.com
And now its working as i had required.
2)www.nseindia.com & online vedio cliping sites like youtube.com and others.
I'm not finding a proper solution for blocking this particular sites...
I'm pasting my squid configuration file.
______________________________________________________
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 1500 Mb
cache_dir aufs /var/spool/squid 3000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
mime_table /etc/squid/mime.conf
log_mime_hdrs on
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all src 0.0.0.0/0.0.0.0
# this is to block the sites, lets c how it works
acl go4_sites dstdom_regex -i "/etc/squid/blocked/bsite.acl"
acl go2 url_regex -i ^http://www.nseindia.com/
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl block_port port 5269
acl office port 8383
acl google_block port 5222 5223
http_access allow safe_ports
http_access allow manager localhost
http_access allow office
http_access deny manager
http_access deny go4_sites
http_access deny go2
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
# Deny requests to unknown ports
http_access deny !Safe_ports
http_access deny !block_port
http_access deny !google_block
#This didn't work out as i wished to
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
# And finally deny all other access to this proxy
http_access deny all
#http_access allow localhost
http_access allow all
http_reply_access allow all
icp_access allow all
visible_hostname linux
httpd_accel_host linux
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
logfile_rotate 9
deny_info ERR_BLOCKED_FILES f29
deny_info ERR_BLOCKED_FILES junklist
#acl denydomain dstdomain talk.google.com
#http_access deny denydomain
error_directory /usr/share/squid/errors
coredump_dir /var/spool/squid
____________________________________________________
bsite.acl
has only one name of the site ie.
.nseindia.com
Please give any suggestion as i'm very desparate in doing this...
Mayuresh M Murkunde
Gujarat, India
Email: mayuresh2710@gmail.com
Received on Wed Aug 01 2007 - 03:21:26 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Sep 01 2007 - 12:00:03 MDT