0

بلاگ

خدمات شبکه فراز نتورک > دانلود رایگان > لینوکس و یونیکس > Block sites for some users by Squid

Block sites for some users by Squid

2021/01/17
ارسال شده توسط
لینوکس و یونیکس
969 بازدید
Block sites for some users by Squid

Block sites for some users by Squid

With Squid you can prevent users from viewing the sites, or not accessing the site during office hours

Define ACLs by using the user’s car’s IP address and specifying one or more specific sites, or by using templates to specify sites for users

In Squid all restrictions are done by ACL and their definition, you can not cache sites that users or some of them see, allow access at certain hours, set limits on Download and Upload volume for users, bandwidth Control and so on

For example, users can only access sites during office hours (8 am to 12 noon and from 1 pm to 6 pm) and some IPs are blocked

:Open the squid.conf file and define the following ACLs in it

vi /etc/squid/squid.conf

Each ACL has a name and a type. Also a value commensurate with its type. The two ACLs defined below are called morning_hours and evening_hours of the time type, which specify the time period of office hours (between 12 and 13 o’clock is the time of prayer, lunch,) etc

acl morning_hours time M T W H F 8:00-12:00

acl evening_hours time M T W H F 13:00-18:00

Of the two ACLs below, the first ACL is url_regex and its value is the path of a file containing patterns of URLs, and the second ACL is src and its value is the file containing the addresses of the clients to be blocked

“acl deniedDomains url_regex src” /etc/squid/deniedDomains

“acl blacklistIP src/” etc/squid/blacklistIP

Using the following two lines, apply the Deny policy to the ACLs defined above. Read the following two lines : The IP addresses of the clients in the file specified in the blacklistIP do not have access to the site addresses in the file specified in the deniedDomains between 8 am and 12 noon and from 1 pm to 6 pm

http_access deny deniedDomains morning_hours blacklistIP

http_access deny deniedDomains evening_hours blacklistIP

The restrictions imposed above should definitely not apply to managers or even other employees working in the company with the Internet

So by defining the following ACL and then applying the http_access allow policy, we will allow other users access at all hours

“acl myNetworksrc” /etc/squid/acl

http_access allow myNetwork

One thing to keep in mind when writing ACLs and applying policies is that the policy is applied immediately after defining the ACLs. The last step is to complete the creation of three files: Create a deniedDomains file that holds a list of site URL templates

vi /etc/squid/deniedDomains

Create a blacklistIP file that lists unauthorized clients

vi /etc/squid/blacklistIP

For example, enter the following addresses. The first three addresses for the three clients and the last line of the entire network are 192.168.214.0/24

192.168.0.254

192.168.1.100

192.168.1.120

192.168.214.0/24

Finally, create an acl file that shows the list of authorized clients

vi /etc/squid/acl

The following addresses may be included

192.168.1.0/24

192.168.214.0/24

172.16.80.12

: Finally, enter the following command to restart Squid

service squid reload

Note: Note that all values ​​used in these files should vary according to your network and needs

 

جهت مشاهده دوره های آموزشی بر روی این لینک کلیک نمایید.

جدیدترین اخبار مجموعه فراز نتورک را در این صفحه اجتماعی دنبال کنید.

اشتراک گذاری:
برچسب ها:
در تلگرام
کانال ما را دنبال کنید!
در اینستاگرام
ما را دنبال کنید!

مطالب زیر را حتما مطالعه کنید

دیدگاهتان را بنویسید