[prev in list] [next in list] [prev in thread] [next in thread]
List: mandrake-expert
Subject: Re: [expert] Blocking some URL's with Squid
From: Juan Luis Baptiste <juancho () phreaker ! net>
Date: 2004-05-19 21:31:29
Message-ID: 200405192131.29721.juancho () phreaker ! net
[Download RAW message or body]
On Wednesday 19 May 2004 22:05, David Guntner wrote:
> Juan Luis Baptiste grabbed a keyboard and wrote:
>
> [Don't you just love it when someone quotes someone else, and doesn't
> attribute who they're quoting?]
>
> > > > acl inside_network src 192.168.0.0/24
> > > > acl allowed_box1 src 192.168.0.23
> > > > acl allowed_box2 src 192.168.0.60
> > > > acl psigmacorp dstdomain .domain1.com .domain2.com
> > > > acl psigmaweb_address dst 200.xxx.xxx.xxx
> > > >
> > > > http_access allow inside_network psigmacorp psigmaweb_address
> > >
> > > Squid AND's everything on a http_access line, so only adddresses
> > > that meet ALL criteria will work.
> > >
> > > What you want is:
> > > http_access allow inside_network
> > > http_access allow psigmacorp
> > > http_access allow psigmaweb_address
> > >
> > > It bit me too :-)
>
> No, all that does is control who can connect to your squid proxy, where
> they can connect from. Doesn't do anything to control where it goes *to*.
>
> > Nope, it still permits access to any site, from psigmacorp or not.
> >
> > Any other ideas?
>
> I didn't see the beginning of this conversation, so I'm guessing at what
> you want. What I'm guessing is that you want certain URLs to not be
> accessed from within your local network (which is presumably going through
> your Squid proxy.
>
I just need to only permit access to three company pages for all machines,
except for two of them.
> I would suggest you go to freshmeat.net and look for "sleezeball." It's a
> squid proxy redirector program that is intended for blocking various forms
> of web banner advertisements. It comes with some definitions for your
> filter control file. I suspect if you were to add a URL that you didn't
> want people to go to, that it would block that access. It's worth a try.
> :-)
>
I'll have a look at it.
Cheers,
--
Juan Luis Baptiste
http://www.merlinux.org
http://knetworkconf.sf.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic