[CentOS] How to limit a user to access a few sites.

Mon Mar 26 08:29:45 UTC 2007
Indunil Jayasooriya <indunil75 at gmail.com>

Hi ,

I am now running squid with ncsa_auth.

I have bound ip addresses to usernames. So users now can access Internet
from their ips.

Now I want a few users to prevent from accessing all the sites. But Instead,
I want them to allow to access a few sites scuh as google.com,cnn.com,
bbc.com. I want to limit in that way.

I have wriiten below rules. But those users still can access all the sites.

external_acl_type ip_user %SRC %LOGIN %DST /usr/lib/squid/ip_user_check -f
/etc/squid/ip.conf

acl ncsa_users proxy_auth REQUIRED
acl ip_users external ip_user %SRC %LOGIN %DST

http_access deny !ncsa_users
http_access deny !ip_users
http_access allow ip_users
http_access allow ncsa_users

my ip.conf file is like this.
[root at worldnet squid]# cat /etc/squid/ip.conf
192.168.101.25   indunil .google.com .bbc.com .cnn.com
192.168.101.90  www90

Accoring to the above file, User indunil with ip address 192.168.101.25 has
access to google.com,bbc.com and cnn.com.
But the user indunil still has access to all the sites.

How can I solve this?


-- 
Thank you
Indunil Jayasooriya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20070326/6ebb5263/attachment-0004.html>