Rakhmat Farunuddin wrote: > user mentioned in cat2_definite_user file can't access > sonyericsson.com,they (cat2_user) can access another domain > (eg 123xfun.com). what's wrong with that? do i have to add a new > directive for the configuration?? [Configuration listed below]
Did you post your complete squidGuard.conf.file? You are using an undefined time space in your acl (kantor). It is recommended that you explicitly declare your logdir and dbhome directories in your configuration file. Once "kantor" is defined, cat2_users NOT within kantor will be processed by your default acl and denied, (unless they are also listed as a cat4_user). Those are the only issues I see with your configuration. Make sure that your squid acl contains "ident REQUIRED". (See "15.7 Redirector interface is broken re IDENT values" at the bottom of this page http://www.squid-cache.org/Doc/FAQ/FAQ-15.html) Without "ident REQUIRED" squidGuard may not get the ident value, even if it is shown in squid's access.log. Debugging tips: - Check squidGuard.log for errors/problems - Check squid's access.log to ensure that squid is seeing the expected user id - Add a log statement to each of your src groups so you can verify that squidGuard is using the correct user id. Example: src cat2_user { userlist cat2_definite_user log user.log } src cat4_user { userlist cat4_full_access_user log user.log } (I would manually create "user.log" in logdir and give it the proper ownership and permissions.) Hope that helps! Rick Matthews > hai > > i have a strange situation > this is my configuration, > > ###########start configuration############################## > src cat2_user { > userlist cat2_definite_user > } > src cat4_user { > userlist cat4_full_access_user > } > dest for_definite_user { > domainlist domain_for_cat2_user > } > acl { > cat2_user within kantor { > pass for_definite_user none > redirect http://192.168.100.105/limited.php > } > cat4_user { > pass all > } > default { > pass none > redirect http://192.168.100.105/denied.php > } > } > ###########end configuration############################## > > ###########file cat2_definite_user############## > bonie > dien > vera > djohari > ############################################### > > ###########file domain_for_cat2_user############## > 123xfun.com > excelcom.co.id > nokia.com > nokia-asia.com > sonyericsson.com > ################################################## > i'm not apply the cat4_full_acces_user file. > > i think is nothing wrong with the configuration, > the strange situation is : > user mentioned in cat2_definite_user file can't access sonyericsson.com, > they (cat2_user) can access another domain (eg 123xfun.com). > what's wrong with that? do i have to add a new directive for the > configuration?? >
