new feature in squidguard

Sergei I. Golod Fri, 05 Oct 2001 04:15:25 -0700

Hello.

What about to change 'source' defenition in configuration file to next:


# Old format
source group1 {
            ip          192.168.1.0/24
            userlist    src/group1/users
}
source group2 {
            ip          192.168.2.0/24
}
source group3 {
            ip          192.168.3.0/24
            user        root user1 user2
}

# New format
source many_groups {
        {
            ip          192.168.1.0/24
            userlist    src/group1/users
        }
        {
            ip          192.168.2.0/24
        }
        {
            ip          192.168.3.0/24
            user        root user1 user2
        }
}

// Some explanation: many_groups - is a group of subgroups (OR condition
between subgroups), inside each subgroups we using old format. So in this
examle: ((users in /src/group1/users AND from 192.168.1.0/24) OR (any user
from 192.168.2.0/24) OR (user root/user1/user2 from 192.168.3.0/24)) in
group many_groups. And now we can use ONLY ONE acl for this group and not
need to define one acl for each subgroups (as in current version).

destination some {
        expressionlist  dest/some.expression
        redirect        http://localhost/some.html
}

acl {
# Old format
        group1 {
                pass    !some any
        }
        group2 {
                pass    !some any
        }
        group3 {
                pass    !some any
        }

#New format
        many_groups {
                pass    !some any
        }
....
}

new feature in squidguard

Reply via email to