Difference between revisions of "Squid ACL notes"
From Notes_Wiki
(Created page with "=Squid ACL notes= ==Blocking domains== We can use following lines to block domains youtube.com, youtube.co.uk, etc. from 10.2.48.0/24 IP range: <pre> acl youtube_facebook_s...") |
m |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Squid proxy server configuration]] > [[Squid ACL notes]] | |||
==Blocking domains== | ==Blocking domains== | ||
| Line 13: | Line 13: | ||
You can also read [[Configuring proxy authentication for squid]] to read information on proxy authentication related ACLs. | |||
=Access log related ACLS= | |||
==Preventing logging of all requests that match an ACL== | |||
To prevent logging of all requests that match an ACL use: | |||
<pre> | |||
access_log none acl [acl acl ...] | |||
</pre> | |||
Example | |||
<pre> | |||
acl log-test src 10.3.1.2 | |||
access_log none log-test | |||
</pre> | |||
==Log requests that match an ACL in separate file== | |||
To log requests that match a given ACL in separate file use: | |||
<pre> | |||
access_log <filepath> [<logformat name> [acl acl ...]] | |||
</pre> | |||
Example | |||
<pre> | |||
acl log-test src 10.3.1.2 | |||
access_log /var/log/squid/log_test squid log-test | |||
</pre> | |||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Squid proxy server configuration]] > [[Squid ACL notes]] | |||
Latest revision as of 10:12, 14 July 2022
Home > CentOS > CentOS 6.x > Squid proxy server configuration > Squid ACL notes
Blocking domains
We can use following lines to block domains youtube.com, youtube.co.uk, etc. from 10.2.48.0/24 IP range:
acl youtube_facebook_source src 10.2.48.0/24 acl youtube_facebook_destination dstdomain .youtube.com .facebook.com .youtube.co.uk .youtube.co.in .googlevideo.com .metacafe.com http_access deny youtube_facebook_source youtube_facebook_destination
Note:
- Dot (.) before .youtube.com in dstdomain ACLs is very important if we want to block www.youtube.com, etc. subdomains. If we just use youtube.com without dot(.) then ACL do not work as intended.
You can also read Configuring proxy authentication for squid to read information on proxy authentication related ACLs.
Preventing logging of all requests that match an ACL
To prevent logging of all requests that match an ACL use:
access_log none acl [acl acl ...]
Example
acl log-test src 10.3.1.2 access_log none log-test
Log requests that match an ACL in separate file
To log requests that match a given ACL in separate file use:
access_log <filepath> [<logformat name> [acl acl ...]]
Example
acl log-test src 10.3.1.2 access_log /var/log/squid/log_test squid log-test
Home > CentOS > CentOS 6.x > Squid proxy server configuration > Squid ACL notes
