[plug] squid acl time codes

Gavin Rogers grogers at greenwood.wa.edu.au
Thu Jun 22 22:30:38 WST 2000


> access control lists.
> 
> What I am wanting to do is allow a limited group of users to have access
> limited to certain time periods.  The trouble is that squid is allowing
> the relevant users in at any point in time.  It is not a problem with
> the proxy_auth side of things as when I remove my test user from the
> "users.classA" file, the user is not allowed in... however with the test
> user listed in the users file, that user is allowed in at _any_ time,
> not just those listed in the "times.classA" file.
> 

Hello Paul,

I have been able to do the same sort of thing here - blocking domain
access by time of day. I know it doesn't use the proxy_auth that you are
using, but it may help you with your problem :)

These ACLs are desgined to stop game sites being accesed during class
time, but the first control can be changed to check for source IP etc
etc...

First, I have an ACL called banned_sites which are the sites which I don't
want to be accesed during school hours, but I don't mind during lunch
time:

acl banned_games dstdomain eyeone.com games.yahoo.com (etc)

Next, I have a time ACL. For our school, this defines the times during
lunch time and before/after school:

acl game_times time MWHF 13:35-14:05
acl game_times time MTWHF 15:10-23:59
acl game_times time MTWHF 00:00-09:00
acl game_times time T 12:20-12:45
acl game_times time SA 00:00-23:59

Then there is a simple ACL which tells squid to deny access to
banned_games when game_times is false:

http_access deny localnet banned_games !game_times       

I hope this helps.


Gavin Rogers
Greenwood Senior High School





More information about the plug mailing list