Still not working.. how have you got it configured? -----Original Message----- From: Emiliano Vazquez [mailto:[EMAIL PROTECTED] Sent: 24 September 2007 1:54 PM To: Abd-Ur-Razzaq Al-Haddad Subject: Re: [squid-users] Acl for blocking sites not working - what can i DO?
You need to make another ACL and use this. #### Blocking some http´s acl block url_regex -i "/squid/etc/files/block" http_access deny block ### (before your http_access allow lan) The file /squid/etc/files/block contain this: adaware.com addaware.com addriller.com ... ... ... advancedsearchbar.com ... etc Next you need to reconfigure your squid # squid -k reconfigure Best Regards. Emiliano Vazquez. ----- Original Message ----- From: "Abd-Ur-Razzaq Al-Haddad" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Monday, September 24, 2007 9:29 AM Subject: [squid-users] Acl for blocking sites not working - what can i DO? > Hi all I've got 2.6 stable running on OpenSuse 10.2 > I can't seem to get the squid to use the internal acls to block > sites/domains.. how can this be achived? > > > > > Squid.conf > > #Recommended minimum configuration: > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > acl lcl src 192.168.0.0/16 > acl NTLMUsers proxy_auth REQUIRED > acl blocksites urlpath_regex “/etc/squid/blocks.sites.acl†> > #Recommended minimum configuration: > # > # Only allow cachemgr access from localhost > http_access allow manager localhost > http_access deny manager > # Deny requests to unknown ports > http_access deny !Safe_ports > # Deny CONNECT to other than SSL ports > http_access deny CONNECT !SSL_ports > # > # We strongly recommend the following be uncommented to protect innocent > # web applications running on the proxy server who think the only > # one who can access services on "localhost" is a local user > #http_access deny to_localhost > # > # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS > > # Example rule allowing access from your local networks. Adapt > # to list your (internal) IP networks from where browsing should > # be allowed > #acl our_networks src 192.168.1.0/24 192.168.2.0/24 > #http_access allow our_networks > http_access allow localhost > http_access deny blocksites > http_access allow lcl NTLMUsers > > # And finally deny all other access to this proxy > http_access deny all > > > In the DENY_INFO SECTION****** > deny_info ERR_BLOCKED_SITES blocksites > > > > > > Abd-Ur-Razzaq Al-Haddad > IT Analyst > > > 9 Queen Street London W1J 5PE > > Tel: +44 (0)207 659 6620 Fax: +44 (0)207 659 6621 > Direct: +44 (0)207 659 6632 Mob: +44 (0)7738 787881 > [EMAIL PROTECTED] > > > > > > > The information contained in this email or any of its attachments may be > privileged or confidential and is intended for the exclusive use of the > addressee. Any unauthorised use may be unlawful. If you received this > email by mistake, please advise the sender immediately by using the reply > facility in your email software and delete the email from your system. > > Carron Energy Limited. Registered Office 9 Queen Street, London W1J 5PE. > Incorporated in England and Wales with company number 5150453 > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ > ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
