Squid ACL syntaxAbout squid ACL syntax
ACL, access control list, and access control list. Its syntax is: (add in/usr/local/squid/etc/squid. conf)
ACL table name table Type [-I] Table value
Http_access [Allow/deny:
Table Name: Customizable
Table type: The table types include:
SRC Source Address: IP address of the client
DST Destination Address: IP address of the server
Srcdomain source domain: the domain to which the client belongs
Dstdomain destination domain: the domain to which the server belongs
Url_regex URL Regular Expression (string part)
Path in urlpath_regex URL Regular Expression
Time [week] [time period]
Maximum number of connections of the maxconn Client
-I: This parameter makes squid case insensitive.
Table value: varies with the table type.
Note: The Week in time must contain the following characters:
S (Sunday, Sunday) m (Monday, Monday) T (Tuesday, Tuesday) W (Wednesday, Wednesday)
H (Thursday, Thursday) f (Friday) A (Saturday, Saturday)
The time period is expressed as: XX: 00-yy: 00, for example :-
The http_access option allows you to set whether a table is allowed (allow) or deny (deny)
The following is an example of anti-3721 ACL. Add it to squid. conf:
ACL badurls dstdomain-I www.3721.com www.3721.net download.3721.com cnsmin.3721.com
Http_access deny badurls
ACL badkeywords url_regex-I 3721.com 3721.net
Http_access deny badkeywords
Explanation:
Badurls and badkeywords are your custom table names.
Dstdomain is the server domain name (destination domain), while url_regex is the content contained in the URL Regular Expression (string part.
The deny of the http_access option denies access to the badurls and badkeywords tables.
Flash download prohibited:
ACL badfiles urlpath_regex-I. SWF $
Http_access deny badfiles
