这是我的 Squid 配置文件。
我想授予特定用户访问特定网页内容的权限,但是通过此配置文件,如果我授予特定用户访问教程的权限,社交网络将被阻止,但电影可以访问。即使我将允许和拒绝分别分组并检查,同样的问题仍然存在;我无法授予对教程的访问权限,但仍阻止对电影的访问
acl localnet src 10.1.1.0/24
acl special src "/etc/squid/special.txt" # All Access IPs
acl unlimited src "/etc/squid/unlimited.txt" # Full Download access
acl allow_proxy src "/etc/squid/allow_proxy.txt" # Allow Proxy sites
acl allow_social src "/etc/squid/allow_social.txt" # Allow Social networking
acl allow_tutorial src "/etc/squid/allow_tutorial.txt" # Allow Tutorial
acl allow_movie src "/etc/squid/allow_movie.txt" # Allow Jobs
acl allow_jobs src "/etc/squid/allow_jobs.txt" # Allow Movie
#Allow / Block
acl goodkey url_regex "/etc/squid/goodkey.txt"
acl proxy url_regex "/etc/squid/proxy.txt"
acl social url_regex "/etc/squid/social.txt"
acl tutorial url_regex "/etc/squid/tutorial.txt"
acl movie url_regex "/etc/squid/movie.txt"
acl jobs url_regex "/etc/squid/jobs.txt"
#Download Limit
reply_body_max_size 3000 KB localnet !unlimited
request_body_max_size 3000 KB localnet !unlimited
#Allow
http_access allow special
http_access allow goodkey
#Proxy
http_access allow allow_proxy
http_access deny proxy
#Social
http_access allow allow_social
http_access deny social
#Tutorial
http_access allow allow_tutorial
http_access deny tutorial
#Movie
http_access allow allow_movie
http_access deny movie
#Jobs
http_access allow allow_jobs
http_access deny jobs
#ACL Allow
http_access allow localnet
#And finally deny all other access to this proxy
http_access allow localhost
http_access deny all
答案1
您必须将 ACL 组合在一行中http_access,如下所示:
http_access allow allow_tutorial tutorial
http_access deny allow_tutorial
通过以这种方式设置 ACL,您可以告诉鱿鱼:
- 如果 ACL 中的任何 IP
allow_tutorial尝试访问 ACL 中的任何 URLtutorial允许它 - 如果 ACL 中的任何 IP
allow_tutorial尝试访问任何 URL否认它