Squid3 blocking all sites except restricted sites


Like lots of allow/deny rule-based systems, once a rule matches it is applied and there is no further processing of that rule chain. So once you allow * it never even gets to any subsequent deny rules for that chain. Or, as the documentation says:

Access list rules are checked in the order they are written. List searching terminates as soon as one of the rules is a match.

Once you replace the * with the actual list it will work. You also don't need a deny-sites list if you're following it with a deny all.
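As an added example (not code from the answer's author or from the Squid project), here is the poster's http_access list reordered so that first-match evaluation does what he wants: the port and CONNECT sanity checks first, then the site-specific deny, then an allow of the explicit list, then deny all. The ACL names and file paths are the ones from the question; the contents shown for the two list files are assumed for illustration.

```conf
# squid.conf fragment. http_access rules are evaluated top to bottom and
# the first rule that matches decides, so the order below is deliberate.

acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
acl all src all

# Domain lists are read from files, one entry per line. A leading dot
# matches the domain and all of its subdomains. Paths are from the question.
acl AllowedSites dstdomain "/usr/local/etc/allowed-sites.squid"
acl RestrictedSites dstdomain "/usr/local/etc/restricted-sites.squid"

# 1. Generic hygiene first, before any site-specific decision.
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

# 2. Denies for anything that must never be reachable go before any allow;
#    a broad allow placed above them would make them dead rules.
http_access deny RestrictedSites

# 3. Allow only the explicit list. No "*" in the file: list the domains.
http_access allow AllowedSites

# 4. Anything not matched above is refused.
http_access deny all

# Assumed file contents for illustration (one domain per line):
#
#   /usr/local/etc/restricted-sites.squid   (as in the question)
#     www.facebook.com
#
#   /usr/local/etc/allowed-sites.squid      (assumed)
#     .example.com
#     .example.org
```

Once the allow list is explicit, the `deny RestrictedSites` line is redundant (anything not allowed already falls through to `deny all`), but keeping it above the allow is harmless and guards against a later entry like `.facebook.com` being added to the allowed file by mistake. Two caveats a practitioner will want: for HTTPS, `dstdomain` is matched against the host in the CONNECT request, so the restricted list should name the hosts clients actually connect to; and after editing, `squid -k parse` checks the configuration for syntax errors before a reload.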


John K

Updated on September 18, 2022

Comments

  • John K (over 1 year ago)

    I have a configuration file and in the lines where I have my allowed and restricted sites, I have the following:

    acl AllowedSites dstdomain "/home/john/squid3_sites/allowed-sites.squid"
    acl RestrictedSites dstdomain "/home/john/squid3_sites/restricted-sites.squid"
    

    And then on my http_access list, I have

    http_access allow AllowedSites
    http_access deny RestrictedSites
    

    The contents of my allowed-sites.squid is only a * to represent that all sites are allowed. And in my restricted-sites.squid there is only "www.facebook.com". The proxy restricts all sites except facebook.com. When I go to any site I can think of, I get the error site with Access Denied. If it helps, here is my full http_access list:

    http_access allow AllowedSites
    http_access deny RestrictedSites
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access deny all
    

    And all my ACLs:

    acl SSL_ports port 443 563
    acl AllowedSites dstdomain "/usr/local/etc/allowed-sites.squid"
    acl RestrictedSites dstdomain "/usr/local/etc/restricted-sites.squid"
    acl Safe_ports port 80          # http
    acl Safe_ports port 21          # ftp
    acl Safe_ports port 443 563     # https, snews
    acl Safe_ports port 70          # gopher
    acl Safe_ports port 1025-65535  # unregistered ports
    acl Safe_ports port 280         # http-mgmt
    acl Safe_ports port 488         # gss-http
    acl Safe_ports port 591         # filemaker
    acl Safe_ports port 777         # multiling http
    acl CONNECT method CONNECT
    acl all src all