nixCraft

Hi

I have installed redhat linux 9.0 in our office and configured squid transperant proxy + iptables firewall. I have segregated my users into two groups like support staff and general users. There is no restriction for support staff and general users can browse only their allowed site and i denied access to all pronography stuffs for all. Now i want to add few more urls to be allowed to browse, entered the same in my ACL. But squid is not allowing, but already allowed sites i able to browse but newly added urls i am not able to browse.

Here is my ACL control list

http_access allow localhost
acl mylan src 192.168.1.0/255.255.255.0
acl allowed_pc src "/etc/squid/allowed_pc"
acl support_staff src "/etc/squid/support_staff"
acl general src "/etc/squid/general"
acl rejects url_regex "/etc/squid/rejects"
acl allowed dstdomain "/etc/squid/allowed"

http_access deny rejects
http_access deny !allowed_pc
http_access deny !mylan
http_access allow general allowed allowed_pc
http_access allow support_staff !general
http_access deny all

"allowed_pc" contains all the ip address to be able to access internet
"support_staff" contains the ip address of theirs
"general" contains all the general users ip address

"rejects" has all the keywords and domain name of pronography stuffs. For eg.

# vi rejects
.sex.com
.playboy.com
xxx.com
teengirls
.
.
etc

"allowed" has all the urls which can be accessed by general group. For eg.

# vi allowed
www.firstflight.com
www.ffclchennai.net
http://mq.hathway.com/mqsweb
www.royalsundaram.com
https://onlineservices.tin.nsdl.com/...eUsingPanno.do
incometaxindiaefiling.gov.in
mail1.hathway.com
.
.
.
etc

In the above list , www.firstflight.com
www.ffclchennai.net i am able browse which i made the entry at the time of installation. I recently added the remaining site, but i am unable browse the following sites

http://mq.hathway.com/mqsweb
www.royalsundaram.com
https://onlineservices.tin.nsdl.com/...eUsingPanno.do

surpringly i am able to browse incomtaxindiaefiling.gov.in , that also i added recently.

I am restarting the squid server after each modification....

I have no clue what went wrong. Desperately need solution. Can you help me out

Thanks in advance

Sakthi

Just add domain name, no need to add url and http stuff:
Let me know...

__________________
Rocky Jr.
You may have my body & soul, but you will never touch my pride!

If you have knowledge, let others light their candles at it.

Certified to work on HP-UX / Sun Solaris / RedHat

Even i added only domain name. It's not working..... To test the same i installed one more linux server configured the same, given only domain name, i am able to browse. But in first server i couldn't browse.. I have ditto configuration in both the servers . It's behaving funny,..

Somewhere i am making mistake.... checked the syntax for any extra space , instead of putting the allowed sites in a separate files i added those domain names in the acl command itself like

acl xyz dstdomain mq.hathway.com .llspl.com

but still the same result.... where is the mistake..

Pls. help me out

Thanks in advance

Sakthi.S

Can someone help me out.....

Regards
Sakthi

Make sure you are using same version of squid.

__________________
Rocky Jr.
You may have my body & soul, but you will never touch my pride!

If you have knowledge, let others light their candles at it.

Certified to work on HP-UX / Sun Solaris / RedHat