GIT – FREQUENTLY ASKED QUESTIONS (Linux)
Q: How to block in ? (any secure https sites)


Here the post will show you how to blockcomplete “http” and “https” facebook access in times in your squid proxy server. Create an acl with facebook domain (dstdomain) and deny both http and https access.

Add the Configurations to squid.conf
[root@server ~#]vi /etc/squid/squid.conf

#1: Create an acl for proxy clients.
acl accountant src 192.168.10.50/32

#2: Create an acl for facebook domain  (any required sites)
acl fb dstdomain .facebook.com

#3: Create an acl office time for Mon-Sat, 10:00 to 17:00 (24hrs)

acl officetime time MTWHFA 10:00-17:00
#4: Deny access to “http” facebook to accountant only in office times
http_reply_access deny  fb accountant officetime
#5: The below line will deny access to “https” secured facebook to the proxy user “accountant” in office times. Squid proxy will deny access to “https” facebook to accountant only in office times.
http_access deny CONNECT fb accountant officetime
#(save the squid.conf configuration file)
#6: And finaly reload squid service to take effect changes
[root@server ~#]service squid reload

Tips: The way to include multiple sites in one ACL
acl badsites dstdomain .facebook.com .twitter.com .blogger.com

Note: Tested in squid-3.1       (tested using squid-3.1.16-1.fc15.x86_64   in 6)

Print Friendly

Comments

comments

Bài viết liên quan