Difference between revisions of "Squid ACL notes"

From Notes_Wiki
m
m
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
<yambe:breadcrumb self="ACLs">Squid proxy server configuration|Squid</yambe:breadcrumb>
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Squid proxy server configuration]] > [[Squid ACL notes]]
=Squid ACL notes=


==Blocking domains==
==Blocking domains==
Line 15: Line 14:


You can also read [[Configuring proxy authentication for squid]] to read information on proxy authentication related ACLs.
You can also read [[Configuring proxy authentication for squid]] to read information on proxy authentication related ACLs.
=Access log related ACLS=
==Preventing logging of all requests that match an ACL==
To prevent logging of all requests that match an ACL use:
<pre>
access_log none acl [acl acl ...]
</pre>
Example
<pre>
acl log-test src 10.3.1.2
access_log none log-test
</pre>
==Log requests that match an ACL in separate file==
To log requests that match a given ACL in separate file use:
<pre>
access_log <filepath> [<logformat name> [acl acl ...]]
</pre>
Example
<pre>
acl log-test src 10.3.1.2
access_log /var/log/squid/log_test squid log-test
</pre>
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Squid proxy server configuration]] > [[Squid ACL notes]]

Latest revision as of 10:12, 14 July 2022

Home > CentOS > CentOS 6.x > Squid proxy server configuration > Squid ACL notes

Blocking domains

We can use following lines to block domains youtube.com, youtube.co.uk, etc. from 10.2.48.0/24 IP range:

acl youtube_facebook_source src 10.2.48.0/24
acl youtube_facebook_destination dstdomain .youtube.com .facebook.com .youtube.co.uk .youtube.co.in .googlevideo.com .metacafe.com
http_access deny youtube_facebook_source youtube_facebook_destination

Note:

  • Dot (.) before .youtube.com in dstdomain ACLs is very important if we want to block www.youtube.com, etc. subdomains. If we just use youtube.com without dot(.) then ACL do not work as intended.


You can also read Configuring proxy authentication for squid to read information on proxy authentication related ACLs.


Access log related ACLS

Preventing logging of all requests that match an ACL

To prevent logging of all requests that match an ACL use:

access_log none acl [acl acl ...]

Example

acl log-test src 10.3.1.2
access_log none log-test


Log requests that match an ACL in separate file

To log requests that match a given ACL in separate file use:

access_log <filepath> [<logformat name> [acl acl ...]]

Example

acl log-test src 10.3.1.2
access_log /var/log/squid/log_test squid log-test


Home > CentOS > CentOS 6.x > Squid proxy server configuration > Squid ACL notes