Re: [squid-users] Need ACL to restrict specific hosts to specific websites from Henrik Nordstrom on 2007-10-02 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 02 Oct 2007 11:05:59 +0200

On mån, 2007-10-01 at 14:31 -0400, George wrote:
> Hi All;
>
> Relatively new to Squid, and am having a problem with an ACL.
> Currently, my setup allows all hosts access to all sites on the
> Internet with the exception of "bad" sites that I've already
> restricted via another ACL.
>
> I want to add another ACL to allow 5 specific hosts on our network to
> access 6 specific Internet websites, but nothing else. What would be
> the simplest and most effective way to do this? All suggestions
> appreciated. Thanks!

Before where you otherwise allow access:

acl restricted_hosts src ip.of.host1 ...
acl restricted_sites dstdomain www.example.com www.squid-cache.org www.henriknordstrom.net

# Allos restricted_hosts only access to restricted_sites
http_access allow restricted_hosts restricted_sites
http_access deny restricted_hosts

or alternatively

# Deny restricted_hosts access to anything not in restricted_sites
http_access deny restricted_hosts !restricted_sites

assuming the restricted_sites is also allowed by your normal access rules..

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Tue Oct 02 2007 - 03:06:06 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:00 MDT