'Re: [expert] Blocking some URL's with Squid'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mandrake-expert
Subject:    Re: [expert] Blocking some URL's with Squid
From:       Juan Luis Baptiste <juancho () phreaker ! net>
Date:       2004-05-19 21:31:29
Message-ID: 200405192131.29721.juancho () phreaker ! net
[Download RAW message or body]

On Wednesday 19 May 2004 22:05, David Guntner wrote:
> Juan Luis Baptiste grabbed a keyboard and wrote:
>
> [Don't you just love it when someone quotes someone else, and doesn't
> attribute who they're quoting?]
>
> > > > acl inside_network src 192.168.0.0/24
> > > > acl allowed_box1 src 192.168.0.23
> > > > acl allowed_box2 src 192.168.0.60
> > > > acl psigmacorp dstdomain .domain1.com .domain2.com
> > > > acl psigmaweb_address dst 200.xxx.xxx.xxx
> > > >
> > > > http_access allow inside_network psigmacorp psigmaweb_address
> > >
> > > Squid AND's everything on a http_access line, so only adddresses
> > > that meet ALL criteria will work.
> > >
> > > What you want is:
> > > http_access allow inside_network
> > > http_access allow psigmacorp
> > > http_access allow psigmaweb_address
> > >
> > > It bit me too :-)
>
> No, all that does is control who can connect to your squid proxy, where
> they can connect from.  Doesn't do anything to control where it goes *to*.
>
> > Nope, it still permits access to any site, from psigmacorp or not.
> >
> > Any other ideas?
>
> I didn't see the beginning of this conversation, so I'm guessing at what
> you want.  What I'm guessing is that you want certain URLs to not be
> accessed from within your local network (which is presumably going through
> your Squid proxy.
>

I just need to only permit access to three company pages for all machines, 
except for two of them.

> I would suggest you go to freshmeat.net and look for "sleezeball."  It's a
> squid proxy redirector program that is intended for blocking various forms
> of web banner advertisements.  It comes with some definitions for your
> filter control file.  I suspect if you were to add a URL that you didn't
> want people to go to, that it would block that access.  It's worth a try.
> :-)
>
I'll have a look at it.

Cheers,
-- 
Juan Luis Baptiste
http://www.merlinux.org
http://knetworkconf.sf.net


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic