<div dir="ltr"><div>Thank you for your reply. I've managed to retrieve uncommented config lines:<br><br>$ grep -P '^\s*\w' /etc/squid3/squid.conf<br><pre><code>acl localnet src 192.168.0.101 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl myrule dstdom_regex "/etc/squid3/domainblock.txt"
http_access allow myrule
cache deny all
http_access allow localhost manager
http_access deny manager
acl Purge method PURGE
http_access deny Purge
http_access allow localhost
http_port 3128
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320<br><br></code></pre>If helps, iptables is empty and netstat status is<br>$ sudo netstat -nltp | grep squid<br>tcp6 0 0 :::3128 :::* LISTEN 20292/(squid-1)<br><br></div><div>Version info:<br>$ sudo apt-cache policy squid3<br>squid3:<br> Installed: 3.3.8-1ubuntu6.1<br> Candidate: 3.3.8-1ubuntu6.1<br> Version table:<br> *** 3.3.8-1ubuntu6.1 0<br> 500 <a href="http://archive.ubuntu.com/ubuntu/">http://archive.ubuntu.com/ubuntu/</a> trusty-updates/main i386 Packages<br> 500 <a href="http://archive.ubuntu.com/ubuntu/">http://archive.ubuntu.com/ubuntu/</a> trusty-security/main i386 Packages<br> 100 /var/lib/dpkg/status<br> 3.3.8-1ubuntu6 0<br> 500 <a href="http://archive.ubuntu.com/ubuntu/">http://archive.ubuntu.com/ubuntu/</a> trusty/main i386 Packages<br><br></div><div>Proof that squid is running:<br>$ ps ax | grep squid<br>20290 ? Ss 0:00 squid3<br>20292 ? S 0:06 (squid-1)<br>31535 ? S 0:00 (logfile-daemon) /var/log/squid3/access.log<br>31720 pts/28 S+ 0:00 grep --color=auto squid<br></div><div><br></div>Maybe i used the wrong terminology as "redirect". B/c whenever the website in the blocklist is called, localhost page of my LAMP shows up.<br><br>So, what i want to achieve in the end is blocking and sometimes unblocking a list of websites based on their domain name. Problem is even the config is changed to "http_access allow myrule" it doesnt reflect allow/deny options accordingly anymore. At this moment, the websites in the list are still non-accessible.<br><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Nov 10, 2014 at 3:32 PM, Amos Jeffries <span dir="ltr"><<a href="mailto:squid3@treenet.co.nz" target="_blank">squid3@treenet.co.nz</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<span class=""><br>
On 11/11/2014 12:22 a.m., Efe wrote:<br>
> OS: Ubuntu 14.04 LTS<br>
><br>
> After i installed the squid3 package for the 1st time, i've add a<br>
> list of domains to be blocked in squid.conf:<br>
><br>
> acl myrule dstdom_regex "/etc/squid3/domainblock.txt" http_access<br>
> deny myrule<br>
><br>
> where domainblock.txt is<br>
><br>
> <a href="http://someaddress.com" target="_blank">someaddress.com</a> <a href="http://blockthis.net" target="_blank">blockthis.net</a><br>
<br>
</span>For domain names like this you should be using "dstdomain" ACL type<br>
instead of a regex.<br>
<span class=""><br>
><br>
> Which worked fine and redirect them to localhost running on my<br>
> LAMP<br>
<br>
</span>?? there is nothing about a "redirect" in that squid.conf snippet you<br>
showed.<br>
<br>
Can you please display the whole squid.conf. Without all the<br>
documentation #comment or empty lines though.<br>
<span class=""><br>
<br>
><br>
> Index of /<br>
><br>
> Name Last modified Size Description<br>
><br>
> html 2014/04/10 ------------------------------<br>
> ---------------------- Apache/2.4.7 (Ubuntu) Server at<br>
> <a href="http://google-analytics.com" target="_blank">google-analytics.com</a> Port 80<br>
><br>
> Later i purged it by:<br>
><br>
> sudo apt-get remove --purge squid3*<br>
><br>
> and removed every file&folder the command "locate squid" gave,<br>
> including the "/etc/squid3" folder then reboot. But i still couldnt<br>
> access the websites in "domainblock.txt" even though it doesnt<br>
> exist anymore.<br>
<br>
</span>"it" being squid I assume?<br>
<br>
There is almost always other configuration you had to add in the<br>
network or browser causing the browser to use the proxy. This will<br>
have probably broken your test result.<br>
<br>
If you did actually not have any of that, then you just proved that<br>
Squid was not involved with the problem.<br>
<span class=""><br>
><br>
> Then i re-installed with sudo apt-get install squid3 this time with<br>
> the config to allow those websites in the list:<br>
><br>
> acl myrule dstdom_regex "/etc/squid3/domainblock.txt" http_access<br>
> allow myrule<br>
><br>
> But still no luck. I guess some configurations remain even after<br>
> removing the squid in the system. So what should i do now?<br>
<br>
</span>What do you want to achieve exactly?<br>
<br>
Amos<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v2.0.22 (MingW32)<br>
<br>
iQEcBAEBAgAGBQJUYL6CAAoJELJo5wb/XPRjF/sIANt7v8/BpcZ4taHWpRZyXbul<br>
mdr6Cq7rfNb8VRiR41GYnEi0qDuSsSb31ciCpVAVoaeIBF48FufleqQ+QH3kn8M3<br>
ETvNuUHis2Wd8gNXKd3pWtqBx+AbVyPzgKpJebBma0KeOw1eE3Jwevsqbjh/yMBq<br>
KLNfDH0CgL63wYkbNquP3AjDkQggv/w/YvD9bFQY1JfMsaTb64CEdP6NdtEbgnhi<br>
PBo9p9/T1HBkfBf2kg+uElR+TMur1OoHaztxx8g+iiqfBHSocaXhWRCtayhqg35X<br>
8DCmysOYNjY9FyQHZAKFaSeb4WyD02On/KOchH3/5ZHCA1P4HG9zF8V4KYmlgfc=<br>
=iena<br>
-----END PGP SIGNATURE-----<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
</blockquote></div><br></div></div></div></div>