Wiki

User Tools

Site Tools

Trace:
squid:acls

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
squid:acls [2020/04/07 10:34] – [Using the ACLs - http_access] petersquid:acls [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 98: Line 98:
   * Then it would allow accesses from everyone to every web site during lunch time.   * Then it would allow accesses from everyone to every web site during lunch time.
   * And finally all other accesses would be denied.   * And finally all other accesses would be denied.
 +
 +Example 2:
 +
 +<code>
 +acl localhost src 127.0.0.1/32 ::1
 +acl all src 0.0.0.0/0.0.0.0
 +    
 +http_access allow localhost
 +http_access deny all
 +</code>
 +
 +  * localhost has free access to everything while all other hosts are denied access completely.
 +
 +
 +Example 3:
 +
 +<code>
 +acl localhost src 127.0.0.1/32 ::1
 +acl all src 0.0.0.0/0.0.0.0
 +acl teachers src 192.168.10.0/255.255.255.0 
 +acl students src 192.168.20.0-192.168.30.0/255.255.255.0 
 +acl lunch time MTWHF 12:00-13:00  
 +    
 +http_access deny localhost
 +http_access allow teachers
 +http_access allow students lunch time
 +http_access deny all
 +</code>
 +
 +
 +  * The group teachers always has access to the Internet.
 +  * The group students only has access between Monday and Friday during lunch time.
 +
 +
 +<WRAP tip>
 +**TIP**:  For readability, within the configuration file /etc/squid/squid.conf, specify all **http_access** options as a block.
 +</WRAP>
  
 ---- ----
Line 127: Line 164:
 ===== Custom error pages (deny_info) ===== ===== Custom error pages (deny_info) =====
  
-By default when you deny access the user gets the error page that is stored in the ERR_ACCESS_DENIED file.+By default when you deny access the user gets the error page that is stored in the **ERR_ACCESS_DENIED** file.
  
-But luckily you can define your own custom error pages and display them when you deny certain accesses. A simple example:+But you can define your own custom error pages and display them when you deny certain access A simple example:
  
 <code> <code>
Line 148: Line 185:
 </code> </code>
  
-This will deny access only for the user from the IP address 10.0.5.16 when www.google.com is accessed. +  * This will deny access only for the user from the IP address 10.0.5.16 when www.google.com is accessed. 
- +    As you can see the ACLs admin and google are combined.  In such a combination the last ACL in the line is taken into account for lookups of **deny_info**. 
-As you can see the ACLs admin and google are combined.  In such a combination the last ACL in the line is taken into account for lookups of **deny_info**. +    So it’s important that you define a **deny_info** for the google ACL.
- +
-So it’s important that you define a **deny_info** for the google ACL.+
  
 ---- ----
squid/acls.1586255695.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki