On 18 June 2010 14:38, Kris Douglas <krisdoug...@gmail.com> wrote: > Hello, everyone, at work, I have just bought a foxconn netbox to use > as a squid proxy. > > The scenario is that everyone is looking at world cup stuff, and > little is being done. Anyway, we want to to be able to let certain > websites be accessible, so I made a whitelist, saved it to > /etc/squid/whitelist and I have set it to be allowed in the ACL menu. > (I am using webmin to control the configuration), I then made a user > "mviron", for the staff and a user madmin for the admins. I have set > their passwords and such in the authentication files. I then added > that authentication requirement to the squid config file. I allowed > our IP ranges access to the internet (10.10.8.0/24) and set the web > browser proxy address to the squid box (proxy1). When I tried to load > a page, it said access denied and said it was set in the ACL. This is > the same for any machine on the network, including the local ubuntu > 10.04 squid machine. > > We basically want the users that login as mviron to only be able to > access the whitelist, and users who login as madmin can access the > whole of the internet. > > I'm going to put up a pastebin of the config file: > http://pastebin.com/6Dc99Ty1 > > I would really appreciate if I could get some input on this, I would > not be posting here if I wasn't completely stumped, I have read loads > of guides and just can not get my head around it. > > My squid-fu is very rusty but to me it would be more logical if the http_access lines that define the options for the acl started with the deny_all line like this:
http_access deny all http_access allow ncsa_mviron_users whitelist http_access allow ncsa_madmin_users So that you assert that you are denying access to all, then allowing a whitelist to mviron_users and then all to madmin_users. s/ -- Save BBC 6 Music http://www.love6music.com My CV: http://bit.ly/sfgreenwood_cv Linkedin: http://www.linkedin.com/in/simonfgreenwood Twitter: @sfgreenwood
-- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/