[squid-users] allow certian user ips to access only 2 domains and disallow everything

Eliezer Croitor ngtech1ltd at gmail.com
Wed Nov 4 13:08:02 UTC 2020 

Hey Simon,

 

I have seen these websites and it seems that some content which is used in them is from CDNs or other domains.

It’s very important to include specific domains like in the url:

https://code.jquery.com/jquery-3.3.1.min.js

 

For these sites to work properly.

 

You can try to run a more complex config which can or might take into account the Referrer header in the Request

It will probably only work if SSL bump is configured in your setup and it’s not the most secure way to allow sites.

I am only offering this as a it can be limited to specific domains such as cdns or specific hosted services.

 

All The Bests,

 

----

Eliezer Croitoru

Tech Support

Mobile: +972-5-28704261

Email:  <mailto:ngtech1ltd at gmail.com> ngtech1ltd at gmail.com

 

From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of simon ben
Sent: Friday, October 16, 2020 12:21 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] allow certian user ips to access only 2 domains and disallow everything

 

I have squid running perfectly fine on centos 7 64 bit with no issues

I want to allow certain user ips to access a few sites and block everything else so below is the config

the sites are 

1) paloaltonetworks.com

2) redcloak.secureworks.com

 

in squid.conf

-------------------

acl userlist src "/etc/squid/userlist"

acl sitelist dstdomain "/etc/squid/sitelist"

http_access allow userlist sitelist

 

-------------------

 

user list file has the ips

-----------

192.168.62.128

192.168.62.1

192.168.62.129

192.168.61.1

192.168.62.130

192.168.62.3

192.168.61.128

172.16.120.160

------------------------------

 

site list file has the sites

----------------------------------------

.paloaltonetworks.com

.secureworks.com

https://ch-baladia.traps.paloaltonetworks.com

baladia.xdr.eu.paloaltonetworks.com

identity.paloaltonetworks.com

login.paloaltonetworks.com

assets.adobedtm.com

www.paloaltonetworks.com <http://www.paloaltonetworks.com> 

redcloak.secureworks.com

 

------------------------------------------------

 

I see that the first page and some links are working but some do not . also there is a huge deny logs in squid access logs

appreciate if you can advise me on how i can have the above access list so as to have minimum denies when being accessed from the above ips

 

 

Thanks and Regards

 

 

simon  

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20201104/a2fdf620/attachment.htm>

More information about the squid-users mailing list