Squid Access Control Lists

You can limit users’ ability to browse the Internet with access control lists (ACLs). Each ACL line defines a particular type of activity, such as an access time or source network, they are then linked to an http_access statement that tells Squid whether or not to deny or allow traffic that matches the ACL.

Squid matches each Web access request it receives by checking the http_access list from top to bottom. If it finds a match, it enforces the allow or deny statement and stops reading further. You have to be careful not to place a deny statement in the list that blocks a similar allow statement below it. The final http_access statement denies everything, so it is best to place new http_access statements above it.

Adding my network on acl.

I can add it in two ways like this

acl my_network src


acl my_network src

both means my network starts from to 255

Now on http_access section allow this network to access internet

http_access allow my_network

Restricting Web Access By Time

You can create access control lists with time parameters.that is you can allow internet only on working hours etc..Add acl for time

acl work_hours time SMTWHFA 08:00-17:00

SMTWHFA- represents Sunday to Saturday

please ensure there is no space between the time it may cause error..

now modify htt_access with time

http_access allow  my_network  work_hours

Now the machines under my_network will get internet connection only during working hours


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s