Home > Others

Operations ACL access Control simple configuration

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Problem

With exercise three, you write and apply an ACL policy that implements the following requirements:

    • Allow network segment 192.168.4.0/24 from Monday to Friday from 09:30 to 18:00 through proxy access to the extranet

    • The IP address is 192.168.4.205 the host can not access the extranet at any time by proxy

4.2 Solutions

ACL access control permissions are defined through ACL directives.

ACL access control lists are applied through http_access.

Http_access strategy and rule order:

    • Http_access allows or prohibits a class of users from accessing the proxy based on the access control list;

    • Http_access rules are matched in the order they are arranged, and once the matching rules are detected, the matching detection ends immediately;

    • Access lists can consist of multiple rules;

    • If no rules match the access request, the default action will correspond to the last rule in the list;

    • Http_access defines the allowable rules by means of allow;

    • Http_access defines a deny rule by using Deny.

4.3 steps

The implementation of this case needs to follow the steps below.

Step One: Configure Squid access Control List

1) Modify the configuration file

  2. [[email protected] ~]# vim /etc/squid/squid. Conf

  4. .. ..

  6. acl   work_hours  time MTWHF  09 : : //define working time

  8. ACL LAN1 src 192.168.4.0 // /definition Network segment

  10. ACL PC1 src 192.168.4.205 // /define host

  12. #http_access allow localnet //comment diverted

  14. http_access allow LAN1 work_hours //Apply an ACL rule that allows hosts within the network segment to use a proxy server during business hours

  16. Http_access allow PC1 //apply ACL rules, allowing host

  18. Http_access deny All//Reject all

2) Restart Squid service

  2. [[email protected] ~]# service Squid restart

  4. stopping squid:                                            [  ok  

  6. starting                                           squid: . [ OK ]

Step Three: Client testing

Verify that you can use a proxy server in the appropriate time by modifying the client IP address.


Operations ACL access Control simple configuration

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
access automation operations configuration management document control simple version control system simple sequence control structure apache access log configuration mandatory access control vs discretionary access control mandatory access control vs discretionary access control

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More