Squid time based ACL

linux proxy squid

5,434

This

http_access allow allowed_domains apple_net apple weekday_access

will not work unless the allowed hosts are in allowed_hosts AND in apple_net AND in apple AND your time restriction is true.

Use

http_access allow allowed_domains weekday_access
http_access allow apple_net weekday_access
http_access allow apple weekday_access
...

instead for a logical OR.

5,434

Andrew

Updated on September 18, 2022

Comments

Andrew almost 2 years

I've got time-based ACL's configured that I thought were working, but they're not. Here's what I have set:

#### Time access ACLs ####
acl weekday_access time M T W H 7:30-21:00
acl friday_access time F 7:30-22:00
acl saturday_access time A 7:00-21:30
acl sunday_access time S 7:00-21:00

#### My HTTP Access Rules ####

http_access allow jamf
#http_access allow apple_net
#http_access allow apple

http_access allow allowed_domains apple_net apple weekday_access
http_access allow allowed_domains apple_net apple friday_access
http_access allow allowed_domains apple_net apple saturday_access
http_access allow allowed_domains apple_net apple sunday_access

http_access deny all

allowed_domains is a file for referencing a list of dstdomain's and I know that's working because I can remove the time restrictions and all works like it should -- it's just the time that's not working.

It's showing 7:10pm on the client (19:10) and the server is also configured in the same time-zone (US/Central) and is showing 7:10pm (19:10). Both are showing Monday, both are configured with NTP and are almost exactly matching in time.