[ubuntu-uk] OT, but having some problems with Squid
Simon Greenwood
sfgreenwood at gmail.com
Fri Jun 18 15:10:15 BST 2010
On 18 June 2010 14:38, Kris Douglas <krisdouglas at gmail.com> wrote:
> Hello, everyone, at work, I have just bought a foxconn netbox to use
> as a squid proxy.
>
> The scenario is that everyone is looking at world cup stuff, and
> little is being done. Anyway, we want to to be able to let certain
> websites be accessible, so I made a whitelist, saved it to
> /etc/squid/whitelist and I have set it to be allowed in the ACL menu.
> (I am using webmin to control the configuration), I then made a user
> "mviron", for the staff and a user madmin for the admins. I have set
> their passwords and such in the authentication files. I then added
> that authentication requirement to the squid config file. I allowed
> our IP ranges access to the internet (10.10.8.0/24) and set the web
> browser proxy address to the squid box (proxy1). When I tried to load
> a page, it said access denied and said it was set in the ACL. This is
> the same for any machine on the network, including the local ubuntu
> 10.04 squid machine.
>
> We basically want the users that login as mviron to only be able to
> access the whitelist, and users who login as madmin can access the
> whole of the internet.
>
> I'm going to put up a pastebin of the config file:
> http://pastebin.com/6Dc99Ty1
>
> I would really appreciate if I could get some input on this, I would
> not be posting here if I wasn't completely stumped, I have read loads
> of guides and just can not get my head around it.
>
>
My squid-fu is very rusty but to me it would be more logical if the
http_access lines that define the options for the acl started with the
deny_all line like this:
http_access deny all
http_access allow ncsa_mviron_users whitelist
http_access allow ncsa_madmin_users
So that you assert that you are denying access to all, then allowing a
whitelist to mviron_users and then all to madmin_users.
s/
--
Save BBC 6 Music http://www.love6music.com
My CV: http://bit.ly/sfgreenwood_cv
Linkedin: http://www.linkedin.com/in/simonfgreenwood
Twitter: @sfgreenwood
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-uk/attachments/20100618/8a0b35d6/attachment.htm
More information about the ubuntu-uk
mailing list