SQUID: Permit access only to gmail (https)

Bruno Galindro da Costa bruno.galindro at gmail.com
Wed Jan 13 12:12:22 UTC 2010

Hi all,

    I need to permit access to gmail (https) only and block all others https
sites. How can i do this in squid.conf? I've tried this, but isn't works (I
think it´s because the "deny  CONNECT" line):

# cat /etc/squid3/squid.conf
acl manager proto cache_object
acl localhost src
acl SSL_ports port 443 2096 8080 # https
acl Safe_ports port 2401        # CVS
acl Safe_ports port 554         # rtsp
acl Safe_ports port 80 81 8080  # http
acl Safe_ports port 20 21       # ftp
acl purge method PURGE

auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b
"dc=domain,dc=com" -D cn=proxyqueryuser,cn=users,dc=domain,dc=com -w pass -f
sAMAccountName=%s -h domain.com

auth_param basic realm PROXY AUTH
auth_param basic children 5
auth_param basic credentialsttl 15 minutes

external_acl_type ldap_group %LOGIN /usr/lib/squid3/squid_ldap_group -R -b
"dc=domain,dc=com" -D cn=proxyqueryuser,cn=users,dc=domain,dc=com -w pass -f
-h domain.com

acl white_sites  url_regex -i "/etc/squid3/rules/white_sites"
acl user_group_1      external ldap_group user_group_1
http_access allow white_sites user_group_1
*http_access deny  CONNECT SSL_ports user_group_1*
http_access allow user_group_1

# cat /etc/squid3/rules/white_sites

Bruno Galindro da Costa
bruno.galindro at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20100113/0c56986b/attachment.html>

More information about the ubuntu-users mailing list