Now let’s create the file /etc/squid/dominios_proibidos.txt. In this case, we are blocking http ( http_access deny) access to ACL domains (Dominios_Proibidos) and that have their MACs in the ACL ( SRC_MAC). Now let’s use (http_access deny Dominios_Proibidos SRC_MAC). (acl Dominios_Proibidos dstdomain “/etc/squid/dominios_proibidos.txt”) = Next, we use the ACL ( Dominios_Proibidos) to block the destination (dstdomain) domains stored in the file ( “/etc/squid/dominios_proibidos.txt”) Http_access deny Dominios_Proibidos SRC_MAC acl SSL_ports port 443Īcl Dominios_Proibidos dstdomain "/etc/squid/dominios_proibidos.txt" This way, priority clients can typically access, while others suffer access restrictions. This type of domain filtering based on the client’s MAC is interesting when we want to prioritize some clients in the network. Other clients on the network will be able to access the domains usually. In this case, we want some clients with MAC in the file (/etc/squid/SRC_MAC.txt) not to have permission to access some domains. Now clear the client browser cache and try to access. For this we can use an editor: sudo nano /etc/squid/SRC_MAC.txt Now let’s create the /etc/squid/SRC_MAC.txt file. Next, we use (http_access deny SRC_MAC) to block http (http_access deny) access to MACs contained in the ACL (SRC_MAC). (acl SRC_MAC arp “/etc/squid/SRC_MAC.txt”) = Here, the ACL (SRC_MAC) uses the source MACs (arp) stored in the file ( “/etc/squid/SRC_MAC.txt”). This is the /etc/squid/ nf file: acl SSL_ports port 443 Now let’s create a MAC block list of the clients we want to block. Next, let’s restart squid : sudo service squid restart Now let’s create the /etc/squid/SRC_IP.txt file. Next, we use the (http_access deny SRC_IP) to block http (http_access deny) access to the IPs contained in the ACL (SRC_IP). (acl SRC_IP src “/etc/squid/SRC_IP.txt”) = Here, the ACL (SRC_IP) uses the source IPs (src) stored in the file ( “/etc/squid/SRC_IP.txt”). This is the file: /etc/squid/nf acl SSL_ports port 443 In this case we will create a block list of IPs of the clients we want to block. Http_access deny all Configure the clients’ browser: In this case the squid proxy IP is 192.168.10.1 and the port used is 3128. # Deny requests to unsafe ports = no Safe_ports Here we use the same initial configuration file (nf) that we used in the post: Squid Proxy Installation and configuration. 3) Rule filtering domains by client MACs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |