RE: Config Help

Mon, 24 Jun 2002 06:21:32 -0700 

I'd recommend the following changes to your config file:
 
time business-hours {
        weekly mtwh 07:00 - 17:30
        weekly f    07:00 - 16:00
}
# Note: Add 's' Sunday and 'a' Saturday if those days have business
# hours.

src lim-access {
        ip #.#.#.1-#.#.#.125
}

dest lists here***

acl {
        lim-access within business-hours {
                pass local-ok none
                redirect ......
        } else {
                pass local-ok !local-block !aggressive !drugs !gambling 
                        !hacking !porn !proxy !violence !warez all
                redirect ......
        }
        default {
                pass none
                redirect ......
        }
}

Why is the redirect in your default acl commented out? It is
important that the default acl have a redirect statement.

That should get you working.

Rick Matthews

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ross Bateman
> Sent: Monday, June 24, 2002 5:29 AM
> To: squidGuard
> Subject: Config Help
> 
> 
> Hi
> 
> I am fairly new to using SquidGuard.
> I have it running on a Red Hat 7.2 box.
> 
> What I am trying to do is limit users to only have access to out intranet
> site during working hours, then after hours they can surf, but porn etc will
> be blocked.
> 
> I can get sGuard to block porn etc but when I start using the else statement
> sGuard does not block anything (emergency pass-all mode I think they call
> it.) There are no errors reported in my log file.
> 
> My intranet site is the only site in the local-ok domains.db.
> 
> Extracts from my conf file:
> 
> time leisure-time {
>     weekly * 00:00-07:00 17:30-00:00
>     weekly fridays 16:00-17:30
> }
> 
> src lim-access {
>       ip #.#.#.1-#.#.#.125
> }
> 
> dest lists here***
> 
> acl {
>     lim-access within leisure-time {
>         pass local-ok !local-block !aggressive !drugs !gambling !hacking
> !porn !proxy !violence !warez all
> 
>         redirect
> 302:http://my.web.server/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&;
> clientident=%i&srcclass=%s&targetgroup=%t&url=%u
>      } else {
>               pass local-ok !all
> 
>       redirect
> 302:http://my.web.server/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&;
> clientident=%i&srcclass=%s&targetgroup=%t&url=%u
>      }
> 
>    default {
>       pass none
> 
> #     redirect
> 302:http://my.web.server/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&;
> clientident=%i&srcclass=%s&targetgroup=%t&url=%u
>    }
> 
> If I remove the within leisure-time and else section, sGuard works fine.
> 
> TIA
> 
> Ross
> 
>

Reply via email to