[squid-users] network blocking <-gettings stressed with it now :o)

From: Chris Burton <cburton@dont-contact.us>
Date: Tue, 03 Feb 2004 13:04:09 +0000

Hi All,

im getting a bit stressed with squid now, finally got it all configured
apart from one little bit, getting stuff banned by our internal IPs

basicly as you can tell by our config file (pasted below) is that we
pull a list of words that are "banned" from the file blocked, we would
like todo the same but it containing certain internal IP address's for
example

10.3.181.19 can see the internet
10.3.181.20 cant see the internet (and is in the network blocked file)

iv tried everything i have seen on the mailing lists and squid's site
but nothing works, maybe one of you could ammend the pasted bit below
;o)

many many many many many many many many many many many many many many
many many many many many many many many many many many many many many
many many many many many many many many many many many many many many
many many many many many many many many many many many many many many
many many many many many many many Thanks

Chris Burton
--------------
Linux Admin and Stress Head :o)

http_port 8081
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
dns_nameservers 10.3.1.190 195.195.244.82
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

        acl myBlocked url_regex -i "/etc/squid/blocked"
        http_access deny myBlocked

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access allow all
http_access deny manager
http_access deny CONNECT !SSL_ports

http_access allow localhost
http_access deny all
http_reply_access allow all

icp_access allow all

tcp_outgoing_address 10.3.181.45
visible_hostname noobler

**********************************************************************
This message is sent in confidence for the addressee
only. It may contain confidential or sensitive
information. The contents are not to be disclosed
to anyone other than the addressee. Unauthorised
recipients are requested to preserve this
confidentiality and to advise us of any errors in
transmission. Any views expressed in this message
are solely the views of the individual and do not
represent the views of the College. Nothing in this
message should be construed as creating a contract.
**********************************************************************
Received on Tue Feb 03 2004 - 06:04:30 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:01 MST