PDA

View Full Version : Squid



drewsmith
21st March 2005, 06:53 PM
I have squid configured and access is open to all at the moment. What I want to do is - deny web access for an IP address then allow specific sites. Anyone any clues how to do this. I am using webmin to configure the server.

catintheredhat
21st March 2005, 07:39 PM
I haven't configured squid through webmin. Here is how to do in the squid.conf.

acl goodNet src 10.0.0.0/8
acl badNet src 10.0.1.0/24

http_access deny badNet
http_access allow goodNet

For more info on squid access control, go here (http://squid-docs.sourceforge.net/latest/html/x591.html#AEN595).

I hope this helps.

drewsmith
21st March 2005, 08:30 PM
I take it acl goodNet src 10.0.0.0/8 is the source address for the PC I want to allow http and
acl badNet src 10.0.1.0/24 is the address I want deny? What I wouild like to do is deny all http on the source then allow a single site for the same source. Is this possible?

catintheredhat
21st March 2005, 09:03 PM
This is possible.

acl GoodClient src 10.0.0.1
acl GoodNet src 10.10.0.0/16
#allow good clients
http_access allow GoodClient
http_access allow GoodNet
#reject all others
http_access deny all

Post if this doesn't work. I'm at work and without a linux box. *suffers*