Squid - 允许本地网络访问特定网站答案

【问题标题】：Squid - Allow local network to access specific websitesSquid - 允许本地网络访问特定网站
【发布时间】：2021-01-29 12:27:40
【问题描述】：

会议-

acl localnet src 10.0.0.0/8

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl Safe_ports port 1025-65535 # unregistered ports
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager

acl allowed_http_sites dstdomain /etc/squid/whitelist.txt
http_access allow localnet allowed_http_sites
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern . 0 20% 4320

这不起作用。我希望我的 localnet 只使用特定的网站。上面的配置我被禁止了。

【问题讨论】：

标签： proxy squid

【解决方案1】：

我错过了白名单网站 ACL 中的双引号。傻一个。无论如何，下面的配置运行良好。

http_port 3128
acl localnet src 10.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl Safe_ports port 1025-65535 # unregistered ports
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
acl allowed_http_sites dstdomain "/etc/squid/whitelist.txt"
http_access allow localnet allowed_http_sites
http_access deny all
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern . 0 20% 4320

【讨论】：