Re: [squid-users] Squid Multiple ACL

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 16 Sep 2009 13:25:21 +1200

So....

On Tue, 15 Sep 2009 10:39:11 -0700 (PDT), ScarEye <scareye_at_gmail.com>
wrote:
> #Squid Config Stuff
> cache_access_log none
> cache_store_log none
> cache_log /dev/null

That log is where you find out what critical and important system errors
are happening.
So you as administrator can fix them.

> cache_effective_user nobody
> cache_dir null /dev/null
> http_port 3128 transparent
> pid_filename /var/run/squid.pid
> visible_hostname router
> # Supervisors With Unlimited Access
> ## Match by MAC
> acl supmac arp "/etc/mac.txt"
> http_access allow supmac
> http_reply_access allow supmac
> ## Match By IP
> acl supip src "/etc/supip.txt"
> http_access allow supip
> http_reply_access allow supip
> # users
> acl users src 192.168.1.2-192.168.1.10
> acl allowedsites dstdomain "/etc/squid/acl/acl"
> http_access allow allowedsites users
> http_access deny !allowedsites users
> deny_info http://www.my-site.com/ users
> http_reply_access allow users
> # Safe Ports
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> http_access deny !Safe_ports
> # Not Safe Ports
> acl Dangerous_ports port 7 9 19 22 23 25 53 109 110 119
> http_access deny Dangerous_ports
> # Anyone Not Already Matched
> acl all src 0.0.0.0/0.0.0.0
> http_access deny all
>
> So the above rules work perfectly, they do exactly I need for it to do.
> Now,
> what I need to do is the following.
>
> Add a rule to allow an IP 192.168.1.60 to look at a different acl. Like
> acl2
> or something.

... huh?

Amos
Received on Wed Sep 16 2009 - 01:25:25 MDT

This archive was generated by hypermail 2.2.0 : Wed Sep 16 2009 - 12:00:03 MDT