I am not sure about ports - but this will block evrything except <blah>
I put # for comments You also need to add localhost so some things don't break.
If you use "acl deny all" it undoes everything above it. The chances of your breaking something are good doing something like the above.
We usually just use a router for this, and allow one subnet through.
Last edited by jim mcnamara; 08-24-2012 at 03:55 PM..
Hi ,
I am new user.
As you know when acl is defined in /etc/squid/squid.conf file according to its http_access users are able to access internet.
Before that .htaccess asks them to access internet.
It is fine.
I saw in some customised linux servers in place of .htaccess login ,html web page... (1 Reply)
Hi guys
On FC9 we are running squid-3.0.STABLE2-2.fc9.i386
HTTP traffic works fine, no problems there.
When I try to access a secure site, IE, Chrome and Firefox says the page cannot be loaded.
I do not see any log entries in the squid access log or the servers messages file.
... (3 Replies)
Hi,
How i can block images from a particular site with squid?
for example i want images from www.yahoo.com not displayed but other site content displayed to user?
and
how can i authenticate squid users (for e.g webproxy) with windows server 2003 domain controller (Active Directory)
... (0 Replies)
Hi all
We have squid-2.5.STABLE11-3.FC4 running in our environment.
LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Hello,
I have a pretty useless satellite link at home (far from any civilization), so I wanted to set up caching in order to speed things up. My Squid 2.6 runs "3128 transparent" and is set up quite well on a separate machine.
I also have my dd-wrt router to move all port 80 traffic through... (0 Replies)
Can someone please give me the conf file line to allow access to myexample.com and only that site, and only through http and https?
So far I have only that site accessible via http, but all https sites are opened.
Squid 3.1 on Cent 6
---------- Post updated at 12:06 PM ---------- Previous... (0 Replies)
Dear all experts here,
:)
I would like to install a proxy server on Linux server to perform solely to control the access of Web server.
In this case, some of my vendor asked me to try Squid and I have installed it onto my Linux server.
I would like know how can I set the configuration to... (1 Reply)
Discussion started by: kwliew999
1 Replies
LEARN ABOUT OSX
ypserv.acl
YPSERV.ACL(5) BSD File Formats Manual YPSERV.ACL(5)NAME
ypserv.acl --ypserv(8) configuration file
DESCRIPTION
The ypserv.acl file controls which hosts can connect to the YP server.
The format is more complex than the format for securenet(5). The first two verbs on each line controls if the line will allow or deny access
for a host, network (net) or all hosts.
The YP server reads the configuration file and build a list in memory. This list is processed from the beginning for every incomming request.
As soon a match is found in the list the search terminates and it returns success or failure depending on allow or deny. If no match was
found in the list success is returned.
If access is denied every call will cause a no such domain error for the caller.
Don't forget to allow localhost access if you want the machine running ypserv access it too.
There is no default name for this file. Start ypserv with a -a filename to read a file with this format.
The following different syntax can be used:
< allow|deny > host < hostname|ip-address >
If hostname has more than one ip address then all will be added to the list.
< allow|deny > net < netname|netnumber > [netmask <netname|netnumber>]
If netmask part of the command isn't given then the netmask will be assumed to be a class A, B or C net depending on the net number.
< allow|deny > all
A line containing one of these commands will always match any host.
EXAMPLES
A configuration file might appear as follows:
# This is an example of an access control file to be used by ypserv.
#
# This file is parsed line by line. First match will terminate the check
# of the caller.
#
###########################################################################
# This is the commands that will match a single host
#
# allow host <hostname|ip-address>
# deny host <hostname|ip-address>
#
# To process hostname gethostbyname is called. If the hostname has
# multiple ip-addresses all will be added (I hope). ip-address
# processed by inet_aton.
allow host localhost
deny host jodie
###########################################################################
# This is the commands that will match a network
#
# allow net <netname|netnumber> [netmask <netname|netnumber>]
# deny net <netname|netnumber> [netmask <netname|netnumber>]
#
# To process netname getnetbyname is called, and inet_aton is used for
# netnumber. inet_aton both access numbers as 255.255.255.0 and 0xffffff00.
#
# If netmask isn't given the parser will assume netmask from the first bits
# of the network number. So if the network is subneted the you have to add
# the netmask. In my case I've got the network 139.58.253.0 at home so too
# allow any of my computers to talk with the server I need the following
# line
#
allow net mojathome netmask 255.255.255.0
###########################################################################
# At last we have a command that will match any caller:
#
# allow all
# deny all
#
# reject all connections
deny all
FILES
/var/yp/ypserv.acl A ypserv(8) configuration file.
SEE ALSO yp(8), ypserv(8), securenet(5)AUTHOR
Mats O Jansson <moj@stacken.kth.se>
BSD July 2, 1994 BSD