OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Squid - Rules for groups
« previous next »
  • Print
Pages: [1]

Author Topic: Squid - Rules for groups  (Read 3650 times)

filhoarrais

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
Squid - Rules for groups
« on: September 12, 2016, 02:32:22 pm »
Hello,
I looked for options rules by groups and found there is this feature available?

Directly in the configuration file I could create the following rules.

Quote
# ACL  mac address

acl TI arp "/etc/squid3/rules2/mac-nivel8.txt"
acl DIRETORIA arp "/etc/squid3/rules2/mac-nivel7.txt"
acl GERENCIA arp "/etc/squid3/rules2/mac-nivel5.txt"
acl COMUNICACAO arp "/etc/squid3/rules2/mac-nivel6.txt"
acl COMPRAS arp "/etc/squid3/rules2/mac-nivel4.txt"
acl ITMS arp "/etc/squid3/rules2/mac-nivel3.txt"
acl REGULACAO arp "/etc/squid3/rules2/mac-nivel2.txt"
acl BLOQUEADOS1 arp "/etc/squid3/rules2/mac-nivel1.txt"
acl BLOQUEADOS0 arp "/etc/squid3/rules2/mac-nivel0.txt"

# ACL pages

acl NOT-TI url_regex -i "/etc/squid3/rules2/sites-nivel8.txt"
acl NOT-DIRETORIA url_regex -i "/etc/squid3/rules2/sites-nivel7.txt"
acl NOT-COMUNICACAO url_regex -i "/etc/squid3/rules2/sites-nivel6.txt"
acl NOT-GERENCIA url_regex -i "/etc/squid3/rules2/sites-nivel5.txt"
acl NOT-COMPRAS url_regex -i "/etc/squid3/rules2/sites-nivel4.txt"
acl ACCEPT-ITMS url_regex -i "/etc/squid3/rules2/sites-nivel3.txt"
acl ACCEPT-REGULACAO url_regex -i "/etc/squid3/rules2/sites-nivel2.txt"
acl ACCEPT-BLOQUEADOS1 url_regex -i "/etc/squid3/rules2/sites-nivel1.txt"
acl ACCEPT-BLOQUEADOS0 url_regex -i "/etc/squid3/rules2/sites-nivel0.txt"


# Rules
http_access allow ITMS ACCEPT-ITMS
http_access allow BLOQUEADOS0 ACCEPT-BLOQUEADOS0
http_access allow BLOQUEADOS1 ACCEPT-BLOQUEADOS1
http_access allow REGULACAO ACCEPT-REGULACAO
http_access allow TI !NOT-TI
http_access allow DIRETORIA !NOT-DIRETORIA
http_access allow COMUNICACAO !NOT-COMUNICACAO
http_access allow GERENCIA !NOT-GERENCIA
http_access allow COMPRAS !NOT-COMPRAS

How could create groups of pages to be blocked / allowed by defining a user group, IP, Mac address?
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2769
  • Karma: 200
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: Squid - Rules for groups
« Reply #1 on: September 12, 2016, 04:06:01 pm »
by using deny instead of allow and with different type of the acl ;)
Logged

filhoarrais

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
Re: Squid - Rules for groups
« Reply #2 on: September 15, 2016, 12:24:21 am »
The settings above are applied as they are today in Squid (Debian for instance). I want to you can use this same hierarquuia in OPNsense, however, the control panel and not directly in the configuration file.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Squid - Rules for groups
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2