Payal Rathod wrote:
> Hi,
> Thanks for the mail. I have a few questions below.
>
> On Mon, Aug 02, 2004 at 01:57:05PM -0300, Pablo Gietz wrote:
>
>>In our Bank we have 300 users with 4 categories: 1-free access to news
>>papers, 2 - Restricted access to some sites, 3 - full access to anyplace
>>but without downloads, 4- full access with downloads.
>
>
> How do you achieve 3?
>
>
# group of people enabled to do downloads
acl acl_downloads_group proxy_auth "/etc/squid/downloads.group"
# group of people enabled to do full navigation
acl acl_full_group proxy_auth "/etc/squid/full.group"
# acl for file types of prohibited docs for downloads
acl acl_prohibited_doc urlpath_regex -i "/etc/squid/prohibited.doc"
# deny prohibited docs for all except for the download_group
http_access deny acl_prohibited_doc !acl_downloads_group
http_access allow all acl_grupo_full
http_access deny all acl_grupo_full
########
# Notes:
# /etc/squid/downloads.group is a flat file with a user per line like
# this:
admin1
admin2
professor1
#
# /etc/squid/full.group is a flat file with a user per line like
estudent1
estudent2
estudent3
# /etc/squid/prohibited.doc is a flat file with a file extension per
#line like this:
\.exe$
\.cab$
\.vb$
\.ade$
\.adp$
\.bas$
\.bat$
\.chm$
\.cmd$
\.cnf$
\.cpl$
\.crt$
\.hlp$
\.hta$
\.isp$
\.lnk$
\.mdb$
\.mde$
\.msc$
\.msi$
\.msp$
\.pif$
\.pcd$
\.reg$
\.scr$
\.sct$
\.shb$
\.shs$
\.url$
\.vbe$
\.vbs$
\.wsc$
\.wsf$
\.wsh$
\.mst$
\.386$
\.adt$
\.app$
\.bin$
\.class$
\.cla$
\.dot$
\.drv$
\.lib$
\.mht$
\.mp3$
\.pps$
\.com$
\.PPT$
\.ARJ$
\.avi$
\.MPG$
\.MPEG$
>>Running Squid 2.4 in redhat 9 is doing prety well, 256MB of ram, pentium
>>III 700Mhz, 2 scsi drives of 10Gb with 1.4 GB of caché in each one.
>
>
> Is it squid's default install? Will default install of squid do in my
> case?
yes is the default install, only we have many changes in the squid.conf
>
> With warm regards,
> -Payal
>
> .
>
Regards
-- Pablo A. C. Gietz Jefe de Seguridad Informática Nuevo Banco de Entre Ríos S.A. Te.: 0343 - 4201351 Fax: 0343 - 4201329Received on Tue Aug 03 2004 - 11:20:59 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:01 MDT