[sclug] URL filtering by group of IP Address

[Bob Franklin]

Hello,

I wouldn't post something like that to so many lists in the same email. 
You've probably already had a reply from the Squid list - however, if not, 
here's some help...

The http_access lines are processed in order (from top to bottom):

   http_access <action> <clause1> [<clause2> ...]

When a line is found where all the clauses match (e.g. the client IP 
address part matches, the requested URI matches, etc.), the action is 
taken and the list is stopped; the order is important.

You probably want:

   http_access allow PWR-NET        # first allow all power users
   http_access deny porn NetUser    # now block porn to other users
   http_access allow NetUser        # ... allow them to other sites
   http_access deny all             # but block anyone else on the internet

You don't need to explicitly state that PWR-NET users are allowed to porn 
because the first line will match them (and allow access); since it 
doesn't state anything about requested URI, so that doesn't matter - 
everything is allowed.

   - Bob


-- 
  Bob Franklin <r.c.franklin at reading.ac.uk>          +44 (0)118 378 7147
  Systems and Communications, IT Services, The University of Reading, UK