Linux – Adding wild card to squid ACL

access-control-listlinuxsquid

I want to add a wild card to squid ACL.

acl mp3_ext url_regex s-i *.mp3

Best Answer

The documentation covers these situations...

acl mp3_ext url_regex [-i] \.mp3$

Related Solutions

Linux – squid acl policy using username

You need to define and use ACLs of type proxy_auth; as per the page you linked:

Acl Type: proxy_auth

Description User authentication via external processes. proxy_auth requires an EXTERNAL authentication program to check username/password combinations (see authenticate_program ).

Usage acl aclname proxy_auth username...

use REQUIRED instead of username to accept any valid username

Example acl ACLAUTH proxy_auth usha venkatesh balu deepa

This acl is for authenticating users usha, venkatesh, balu and deepa by external programs.

This way, Squid will authenticate the users using any authentication method you choose (you said this is already in place, so you should have no problem here), and then you will be able to filter access based on usernames.

Sample configuration:

acl Good_Users user1 user2 user3
http_access allow Good_Users
http_access deny all

This will only allow user1, user2 and user3 to access the web.

Specifying multiple acl conditions on one acl line of squid.conf

Unfortunately, the fixed AND/OR logic of Squid's ACL list means that you can only implement an AND condition on the access line, not on the ACL line:

You've probably noticed (and been frustrated by) the fact that you cannot combine access controls with terms like "and" or "or." These operations are already built in to the access control scheme in a fundamental way which you must understand.

All elements of an acl entry are OR'ed together.
All elements of an access entry are AND'ed together

Is there some real reason you can't do it this way?

Best Answer

Related Solutions

Linux – squid acl policy using username

Specifying multiple acl conditions on one acl line of squid.conf

Related Topic