[squid-users] https access only for few users
Simon Dcunha
simon at baladia.gov.kw
Thu Nov 9 10:03:17 UTC 2017
Dear All,
I have squid running with no issues for a long time and recently i have the below task.
User access to internet is based on physical machine IP address acl so only user ips listed in the conf file have access to internet
i need to allow access to only one site for some users and deny everything else. its a https site
the site is https://mof-sc-site.custhelp.com/
the users whos ips are listed in below acl should access the above site only and nothing else.
so i have a access list as follows
----------------------------------------------------
acl onesite src 172.16.52.23 172.16.6.121
acl allowed_site url_regex "/etc/squid/site"
http_access allow onesite allowed_site
http_access deny onesite
------------------------------------------------------
in /etc/squid/site i have
------------------
.mof*
Now when I try to access the above site it says page cannot be displayed and in the squid access.log i see the below
--------------
1510224319.009 0 172.16.6.121 TCP_DENIED/403 4201 CONNECT mof-sc-site.custhelp.com:443 - HIER_NONE/- text/html
but if I try to access http://www.mof.gov.kw the home page is displayed and works fine
appreciate your advice and help
regards
simon
--
---------
Network Administrator
Kuwait Municipality!!!
--
---------
Network Administrator
Kuwait Municipality!!!
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the squid-users
mailing list