Squid ACL notes
From Notes_Wiki
<yambe:breadcrumb self="ACLs">Squid proxy server configuration|Squid</yambe:breadcrumb>
Squid ACL notes
Blocking domains
We can use following lines to block domains youtube.com, youtube.co.uk, etc. from 10.2.48.0/24 IP range:
acl youtube_facebook_source src 10.2.48.0/24 acl youtube_facebook_destination dstdomain .youtube.com .facebook.com .youtube.co.uk .youtube.co.in .googlevideo.com .metacafe.com http_access deny youtube_facebook_source youtube_facebook_destination
Note:
- Dot (.) before .youtube.com in dstdomain ACLs is very important if we want to block www.youtube.com, etc. subdomains. If we just use youtube.com without dot(.) then ACL do not work as intended.
You can also read Configuring proxy authentication for squid to read information on proxy authentication related ACLs.
Preventing logging of all requests that match an ACL
To prevent logging of all requests that match an ACL use:
access_log none acl [acl acl ...]
Example
acl log-test src 10.3.1.2 access_log none log-test
Log requests that match an ACL in separate file
To log requests that match a given ACL in separate file use:
access_log <filepath> [<logformat name> [acl acl ...]]
Example
acl log-test src 10.3.1.2 access_log /var/log/squid/log_test squid log-test