Hi Tomasz
Can you post your config?
On Wed, 28 Dec 2005 16:21:00 +0100, you wrote:
>My problem with squidGuard looks like this:
>program blocks porn etc. perfectly... but only on one of two subnets.
I have a mixture of individual IPs and ranges and subnets, all
of which work perfectly. Could it be that you have a 'default'
acl which lets everything that isn't previously defined through,
instead of blocking by default.
See my example below; if I'd forgotten to define the acl for
classrooms, or forgotten to put a required address range in
there, the 'default' acl will ensure that only destinations we
define in local_domains (our intranet) can be reached. Users
get a static html message saying something like: "External web
access has not been set up on this machine. You can only visit
local sites" for everything else. I use something similar when
we have lessons where kids need only access specific sites.
src staffrooms {
ip 10.10.229.50
ip 10.10.50.1 - 10.10.50.214
ip 10.10.255.0/255.255.255.0
}
src classrooms {
ip 10.10.11.1 - 10.10.11.15
ip 10.1.0.0/255.255.255.0
}
acl {
staffrooms {
pass local_domains !proxies !exefiles all
redirect http://proxy.fhs.local/generic.php? (...etc)
} # End acl staffrooms
classrooms {
pass local_domains !proxies !porn !exefiles all
redirect http://proxy.fhs.local/generic.php? (...etc)
} # End acl classrooms
default {
pass local_domains none
redirect http://proxy.fhs.local/local-only-msg.html
} # end acl default
} # End acls
