[squid-users] ACL and http_access

Magic Link magiclink at outlook.com
Tue Nov 17 10:01:50 UTC 2015


Hi,
this solution works very well ! i think a set of "allow" then "deny" is better to understand too.
It's resolved, thank you very much.
Enrique

From: magiclink at outlook.com
To: antony.stone at squid.open.source.it; squid-users at lists.squid-cache.org
Date: Sun, 15 Nov 2015 11:32:32 +0100
Subject: Re: [squid-users] ACL and http_access




Thank you, i'll test it tomorrow.
My boss needs this because of his limited bandwith. And he really needs to limit the access during two crucial periods where the bandwith's availability is very important.

Enrique
> From: Antony.Stone at squid.open.source.it
> To: squid-users at lists.squid-cache.org
> Date: Sun, 15 Nov 2015 10:06:59 +0100
> Subject: Re: [squid-users] ACL and http_access
> 
> On Thursday 12 November 2015 at 15:55:10, Magic Link wrote:
> 
> > I want people don't have access to Internet, except one hour twice a day
> > with only some urls.listed in a file
> 
> On 14/11/2015 11:23 p.m., Magic Link wrote:
> 
> > I 've made a mistake so what i want is users can access Internet, except
> > these two periods where they can access only few sites defined in the
> > file. I'll try next monday and come back here.
> 
> On Sunday 15 November 2015 at 03:01:44, Amos Jeffries wrote:
> 
> > Then your config needs to be:
> > 
> >  acl hours time MTWHF 09:30-10:30
> >  acl hours time MTWHF 17:30-18:30
> > 
> >  http_access allow localhost
> >  http_access deny hours !whitelist
> >  http_access allow network
> >  http_access deny all
> 
> Or, if you find it easier to understand:
> 
> acl hours time MTWHF 09:30-10:30
> acl hours time MTWHF 17:30-18:30
> 
> http_access allow localhost
> http_access allow network hours whitelist
> http_access allow network !hours
> http_access deny all
> 
> That means "allow network access to whitelisted sites during the defined hours, 
> or allow general access outside those hours".
> 
> Personally I find a set of "allow" rules easier followed by a "deny" rules to 
> understand the logic of than interleaved "allow" and "deny" rules :)
> 
> However, I find the new requirement very strange - would you mind sharing, just 
> for interest's sake, why you want to implement this type of Internet access?
> 
> 
> 
> Antony.
> 
> -- 
> I want to build a machine that will be proud of me.
> 
>  - Danny Hillis, creator of The Connection Machine
> 
>                                                    Please reply to the list;
>                                                          please *don't* CC me.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
 		 	   		  

_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151117/f02eafd1/attachment-0001.html>


More information about the squid-users mailing list