Re: [squid-users] deny authenticated users to dstdomain from Christoph Haas on 2005-09-01 (squid-users)

From: Christoph Haas <email@dont-contact.us>
Date: Thu, 1 Sep 2005 17:27:58 +0200

On Thu, Sep 01, 2005 at 11:14:16AM -0400, Covington, Chris wrote:
> I'd like to deny some domains after people have authenticated. I tried
> this:
>
> acl NoAccess dstdomain .aim.com
> acl NoAccess proxy_auth REQUIRED
> acl AuthorizedUsers proxy_auth REQUIRED
> http_access deny NoAccess
> http_access allow AuthorizedUsers

Untested proposal (yeah, I'm lazy):

acl authentication proxy_auth REQUIRED
acl forbidden_domains dstdomain .aim.com
http_access deny !proxy_auth
http_access deny forbidden_domains
http_access allow all

Or even shorter:
[...]
http_access deny !proxy_auth
http_access allow !forbidden_domains

Regards
Christoph

-- 
~
~
~
".signature" [Modified] 3 lines --100%--                3,41         All

Received on Thu Sep 01 2005 - 09:28:01 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:02 MDT