I'm building a series of ACL to replace the slowful Dansguardian or the not
very configurable squidGuard.
the best way is to set correct squid-acls :-)
now for first thing I wanna make my net to access al sites and doo
everything.
after that I create an acl, called "exception" in with i put address that
for commercial use, must be an exception do deny acl.
Now, i create another acl, called "users" in with I put the class adresses
of my users.
Now let's create acl to deny what i want:
Create an acl to deny porn sites, and another acl do block some mime
download.
acl are:
acl mynet src 192.168.5.0/27
acl exception src /usr/squid/data/exception
acl users src /usr/squid/data/utenti
acl goodurl url_regex -i /usr/squid/data/goodurl
acl badurl url_regex -i /usr/squid/data/badurl
acl goodmime urlpath_regex -i /usr/squid/data/goodmime
acl badmime urlpath_regex -i /usr/squid/data/badmime
I put the acl in this order:
http_access allow mynet
http_access allow exception
http_access allow goodurl
http_access allow goodmime
http_access deny badurl
http_access deny badmime
http_access allow utenti
http_access deny all
I make this because I want:
Mynet without any limitation.
Exception without any limitation.
access to goodurls without any limitation
accesso to goodmime urls without any limitation
deny access to badurl and badmimetype.
Now the question is:
If for example, a "mynet" user try to download a mimetype that is contented
in "badurl" can donwload or not?
If a user try to download a mimetype that is contend in "badmime", but the
url is contened in "goodurl", can download or not?
Thak you in advance, Federico.
Received on Fri Nov 09 2001 - 12:11:53 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:01 MST