Go Wow wrote:
> so what according to you should be my edited squid.conf? and thanks
> for those great inputs.
That depends on which of my points (which you have now elided) you want
to use.
My version of that would look like:
# Unacceptable users netblocks
http_access deny !home_network
http_access deny lpo_network
# cache-management
http_access allow manager localhost
http_access deny manager
# Unacceptable port usage
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# Whitelist for the following blocks.
acl GoodSites dstdomain "okay-sites.txt" # gmail google.com etc.
acl GoodSites_reg uri_regex -i "okay-words.txt"
http_access allow GoodSites
http_access allow GoodSites_reg
# Unacceptable websites
acl BadSites dstdomain "bad-sites.txt" # porn.com etc.
acl BadSites_reg uri_regex -i "bad-words.txt" # 'excrement' etc.
http_access deny BadSites
http_access deny BadSites_reg
# Acceptable users
http_access allow home_network
# global safety-net.
http_access deny all
Ideally the files and *_reg lists would be empty or missing, but thats a
decision only you can make.
Amos
-- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.Received on Sat Feb 02 2008 - 21:20:38 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:04 MST