RE: [squid-users-request@ircache.net: Re: Filter out Sex... Sites ]

From: Don Brown <dbrown@dont-contact.us>
Date: Fri, 23 Oct 1998 11:55:23 -0400

Nope, that didn't do it. Still denies access to everything. Is there a
way to determine which acl is doing it, or what is happening?

Don Brown
dbrown@CrystalCreative.com
Crystal Creative Products, Inc.
(513) 423-0731 ext. 256

-----Original Message-----
From: Peter van Dijk [mailto:peter-squid@attic.vuurwerk.nl]
Sent: Friday, October 23, 1998 10:48 AM
To: squid-users
Subject: [squid-users-request@ircache.net: Re: Filter out Sex... Sites]

On Fri, Oct 23, 1998 at 08:52:28AM -0400, Don Brown wrote:
> I've tried doing this, but when I use it, I get denied to everywhere.
> I've setup the deny, but not the "notsex" section, as I only want to
> block the adult related sites. Can someone tell me what I've got
> configured wrong? Here's the acl section from my squid.conf file:
> -----------------------------------
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl all src 0.0.0.0/0.0.0.0
> acl mercury src 12.63.229.10/255.255.0.0
> acl pluto src 12.63.229.6/255.255.0.0
> acl sexsites url_regex "/var/squid/etc/adultdomain.dat"
> acl SSL_ports port 443 563
> acl Dangerous_ports port 7 9 19
> acl CONNECT method CONNECT
>
> http_access allow manager localhost
> http_access allow manager mercury
> http_access allow manager pluto
> http_access deny manager
>
> # deny access to adult sites
> http_access deny sexsites all

This is incorrect. Here, you tell squid to 'deny' 'http_access' for any
requests
matching 'sexsites' OR 'all'. Remove the 'all' from this line and you
should be
all set.

I ran into a similar problem after installing squid (yesterday :) which
was
fixed by putting the two ACL's on two separate lines and not combining
them.

> # Allow everything else
> http_access allow all
>
> # Reply to all ICP queries we receive
> icp_access allow all

Greetz, Peter.

-- 
'I guess anybody who walks away from a root shell at :         Peter van
Dijk
 a nerd party gets what they deserve!' -- BillSF
:peter@attic.vuurwerk.nl
-- --   -- --   -- --   -- --   -- --   -- --   -- --   -- --   -- --
-- --
finger hardbeat@mdk.ml.org for my public PGP-key
  -  ---  -  ---  -  ---  -  ---  -  ---  -  ---  -  ---  -  ---  -  ---
-
Received on Fri Oct 23 1998 - 09:55:39 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:42:46 MST