Squid Access Control Lists

You can limit users’ ability to browse the Internet with access control lists (ACLs). Each ACL line defines a particular type of activity, such as an access time or source network, they are then linked to an http_access statement that tells Squid whether or not to deny or allow traffic that matches the ACL.

Squid matches each Web access request it receives by checking the http_access list from top to bottom. If it finds a match, it enforces the allow or deny statement and stops reading further. You have to be careful not to place a deny statement in the list that blocks a similar allow statement below it. The final http_access statement denies everything, so it is best to place new http_access statements above it.

Adding my network on acl.

I can add it in two ways like this

acl my_network src 192.168.1.0/24

or

acl my_network src 192.168.1.0/255.255.255.0

both means my network starts from 192.168.1.0 to 255

Now on http_access section allow this network to access internet

http_access allow my_network

Restricting Web Access By Time

You can create access control lists with time parameters.that is you can allow internet only on working hours etc..Add acl for time

acl work_hours time SMTWHFA 08:00-17:00

SMTWHFA- represents Sunday to Saturday

please ensure there is no space between the time it may cause error..

now modify htt_access with time

http_access allow  my_network  work_hours

Now the machines under my_network will get internet connection only during working hours

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s