I've made a few recommended changes to your config file (below).
> The students have a set of default sites they can always vist.
Does the file 'access' contain domains or urls? You have defined it as an
expressionlist,
and I'm sure that is NOT what you want. With a whitelist containing an expressionlist,
any
url that contains anything inside the expressionlist will always be passed. You might
want
to review the documentation on this.
> The others sites like nu.nl are blocked by the "pass !foreveryone none" acl.
That statement is unnecessary. 'pass foreveryone none' accomplishes what you want.
> The ban_domain file is empty.
What is the content of ban_expression?
Hope this helps.
Rick Matthews
--- Recommended SquidGuard.conf---
logdir /usr/local/squidGuard/log
dbhome ?
src students {
ip 192.168.10.23 # Student 1
ip 192.168.10.87 # Student 2
}
# === CONFIG ==============================================================
dest ban {
domainlist ban_domain
expressionlist ban_expression
log /usr/local/squidGuard/log/violation.log
}
dest foreveryone {
expressionlist access
}
# === ACL ==================================================================
acl {
students {
pass foreveryone none
redirect http://192.168.10.18:81/.....
}
default {
pass foreveryone none
redirect http://192.168.10.18:81/......
}
}
-----------------------
On Thu, 16 May 2002, "Firewall5 Management" wrote
>
> ----- Original Message -----
> From: "Rick Matthews"
>
> > > Blocked site: nu.nl
> > > Allowed site: ti.mon3aan.nl
> >
> > Does "Allowed site" mean "Not blocked" or "whitelisted" (a list of allowed
> sites)?
> > If your answer is "whitelisted", could we see your squidGuard.conf?
>
>
> "Allowed sites" means "whitelisted" (a list of allowed sites).
>
> The students have a set of default sites they can always vist.
> (foreveryone), ti.mon3aan.nl is one of those sites.
> The others sites like nu.nl are blocked by the "pass !foreveryone none" acl.
> The ban_domain file is empty.
>
> ---SquidGuard.conf---
>
> logdir /usr/local/squidGuard/log
>
> src students {
>
> ip 192.168.10.23 # Student 1
> ip 192.168.10.87 # Student 2
>
> }
>
> # === CONFIG ==============================================================
>
> dest ban {
> domainlist ban_domain
> expressionlist ban_expression
> log /usr/local/squidGuard/log/violation.log
> }
> dest foreveryone {
> expressionlist access
> }
>
> # === ACL ==================================================================
>
> acl {
> default {
> pass foreveryone
> pass !foreveryone none
> redirect
> http://192.168.10.18:81/cgi-bin/blocked?clientaddr=%a&clientname=%n&clientus
> er=%i&srcclass=%s&url=%u
> }
> students {
> pass foreveryone
> pass !ban all
> redirect
> http://192.168.10.18:81/cgi-bin/blocked?clientaddr=%a&clientname=%n&clientus
> er=%i&srcclass=%s&url=%u
> }
> }
>
> -----------------------
>
> Firewall5 Management
> de Mondriaan onderwijsgroep
> college Techniek studierichting Technische Informatica
> Marcellus Emantslaan 19 - 2274 XL - Voorburg - The Netherlands
> Tel. +31(0)70-3009900 - Fax: +31(0)70-3009910
> Email: [EMAIL PROTECTED] - Web: http://ti.mon3aan.nl
