1
General Discussion / Squid - Rules for groups
« on: September 12, 2016, 02:32:22 pm »
Hello,
I looked for options rules by groups and found there is this feature available?
Directly in the configuration file I could create the following rules.
How could create groups of pages to be blocked / allowed by defining a user group, IP, Mac address?
I looked for options rules by groups and found there is this feature available?
Directly in the configuration file I could create the following rules.
Quote
# ACL mac address
acl TI arp "/etc/squid3/rules2/mac-nivel8.txt"
acl DIRETORIA arp "/etc/squid3/rules2/mac-nivel7.txt"
acl GERENCIA arp "/etc/squid3/rules2/mac-nivel5.txt"
acl COMUNICACAO arp "/etc/squid3/rules2/mac-nivel6.txt"
acl COMPRAS arp "/etc/squid3/rules2/mac-nivel4.txt"
acl ITMS arp "/etc/squid3/rules2/mac-nivel3.txt"
acl REGULACAO arp "/etc/squid3/rules2/mac-nivel2.txt"
acl BLOQUEADOS1 arp "/etc/squid3/rules2/mac-nivel1.txt"
acl BLOQUEADOS0 arp "/etc/squid3/rules2/mac-nivel0.txt"
# ACL pages
acl NOT-TI url_regex -i "/etc/squid3/rules2/sites-nivel8.txt"
acl NOT-DIRETORIA url_regex -i "/etc/squid3/rules2/sites-nivel7.txt"
acl NOT-COMUNICACAO url_regex -i "/etc/squid3/rules2/sites-nivel6.txt"
acl NOT-GERENCIA url_regex -i "/etc/squid3/rules2/sites-nivel5.txt"
acl NOT-COMPRAS url_regex -i "/etc/squid3/rules2/sites-nivel4.txt"
acl ACCEPT-ITMS url_regex -i "/etc/squid3/rules2/sites-nivel3.txt"
acl ACCEPT-REGULACAO url_regex -i "/etc/squid3/rules2/sites-nivel2.txt"
acl ACCEPT-BLOQUEADOS1 url_regex -i "/etc/squid3/rules2/sites-nivel1.txt"
acl ACCEPT-BLOQUEADOS0 url_regex -i "/etc/squid3/rules2/sites-nivel0.txt"
# Rules
http_access allow ITMS ACCEPT-ITMS
http_access allow BLOQUEADOS0 ACCEPT-BLOQUEADOS0
http_access allow BLOQUEADOS1 ACCEPT-BLOQUEADOS1
http_access allow REGULACAO ACCEPT-REGULACAO
http_access allow TI !NOT-TI
http_access allow DIRETORIA !NOT-DIRETORIA
http_access allow COMUNICACAO !NOT-COMUNICACAO
http_access allow GERENCIA !NOT-GERENCIA
http_access allow COMPRAS !NOT-COMPRAS
How could create groups of pages to be blocked / allowed by defining a user group, IP, Mac address?