Anda di halaman 1dari 4

Hi, I'm trying to get time restrictions working with my smoothwall, I'm halfway there but I'm having

some troubles getting it to work exactly how I want.. I was originally going to schedule the stopping and starting of squid at the required times using cron, however, I came accross the following tip on how to do it better (http://martybugs.net/smoothwall/squid.cgi). I've got it working for a single time restriction, as per the example, however the rub for me is that I need two seperate restrictions. The idea is I want people to only be able to access the web between 12pm and 2pm and then again between 5pm and 9am. At the moment I have the following in my acl file: acl clients src 192.9.200.0 acl lunchtime time MTWHF 12:00-14:00 http_access allow clients lunchtime http_access deny clients But if I try to add either the same again: acl clients src 192.9.200.0 acl evening time MTWHF 17:00-09:00 http_access allow clients evening http_access deny clients Or add extra lines into the original example: acl clients src 192.9.200.0 acl lunchtime time MTWHF 12:00-14:00 acl evening time MTWHF 17:00 - 09:00 http_access allow clients lunchtime http_access allow clients evening http_access deny clients The web proxy service won't restart. Any ideas? Thanks, Matt

Time Restrictions: You can also use Squid ACLs to restrict web browsing to specific times. To allow a specific PC on your green network to only access the web during lunchtime on weekdays, edit /var/smoothwall/proxy/acl, and immediately before the line containing
http_access allow localnet

insert the following:


acl clients src 192.168.0.3 acl lunchtime time MTWHF 12:00-13:00 http_access allow clients lunchtime http_access deny clients

where the following day abbreviations can be used: S Sunday M T W H F A Monday Tuesday Wednesday Thrusday Friday Saturday

Note that all times need to be in GMT, as Smoothwall's Squid is configured to only use GMT (all logs are timestamped with GMT times too). Restart the web proxy through Smoothwall's web interface (by clicking the "Save" button) to make your changes take effect.

You have to edit squid.conf file as per your needs: Following is the basic configuration: vi /etc/squid/squid.conf visible_hostname hostname http_port 3128 transparent acl home src 192.168.222.0/24 http_access allow home If you want to block some sites then acl home src 192.168.222.0/24 acl bansites url_regex "/etc/squid/bannedsites" http_access deny home bansites http_access allow home Creating special user you will have all the rights acl poweruser arp "/etc/squid/poweruser" acl home src 192.168.222.0/24 acl bansites url_regex "/etc/squid/bannedsites" http_access allow poweruser http_access deny home bansites http_access allow home

Extract the content of zip file in c:\ Now go to c:\squid\etc via windows explorer and edit squid.conf file

Minimal configuration should be: visible_hostname hostname acl myusers src 192.168.1.0/24 http_access allow myusers Preparing squid In command prompt type: cd c:\squid\sbin #squid -z It should create swap directories Fire your web browser and put proxy setting as 127.0.0.1 and port as 3128 To run squid and launched it automatically run following cd c:\squid\sbin #squid -i -n squid -O "-D" Now run the service net start squid