Posted on 2011-03-10
i have a fedora box running squid as a proxy server. currently it is blocking everything but a few websites for a few of the pc's i take care off. the squid.conf file has entries like this
acl blksites src 172.16.26.23
acl oksites dstdomain "/etc/squid/allowsites.acl"
http_access allow blksites oksites
# tom's pc
acl tomblksites src 172.16.26.26
acl tomoksites dstdomain "/etc/squid/allowsites.acl"
http_access allow tomblksites tomoksites
and so on - now i need, for the rest of the pc's ( so about 40 ) to allow everything and block only a few things like facebook. i found the convenience of the list very nice, so that i could add to the list and just restart the service. i've been told that squid reads the conf file from the top down. so i guess if i where to put something like
http_access allow all
at the bottom as the last entry - would that mean that all the entries above would be ignored, and then the pc's that are suppose to have everything blocked but a few sites would now be allowed all sites? is it possible to have the rules on the same server? or would i need a proxy to block everything and allow a few sites - and a proxy to allow everything and block a few?