Squid Custom ACLs

Squid Custom ACLs Users often want to implement more complex access rules for the web proxy servers than the EFW GUI permits. The solution to this is to write custom ACLs for Squid (the proxy engine in EFW). Patricio Bruna has figured out how to do this. Reading the code in advproxy.cgi Patricio realized that Endian obeys two files: /var/efw/proxy/custom-acl.conf and /var/efw/proxy/custom-acl-allow.conf (this is not mentioned in the EFW documentation). The first file defines the ACLs and the second file declares the rules (i.e., the “http_access” lines). Patricio then created the appropriate web pages so that you can access these files from the EFW GUI. More specifically, he created an additional sub-menu called “Advanced ACL” in the HTTP page of Endian’s Proxy tab. Selecting this sub-menu provides a web page that allows you to specify ACLs and rules (“http_access”) that Squid will use. What I’ve done is package Patricio’s contribution into an RPM to make it trivial to install: endian_2.1.2_squid_custom_ACL-1.0-1.noarch.rpm endian_2.1.2_squid_custom_ACL-1.0-1.src.rpm ------------------------------------------------------------------------------------------------- Squid Custom ACLs - How to... Solution posted « on: January 01, 2009, 04:51:21 am » I wanted to use the extra squid ACL function provided in the extras but ran into a problem with the install script. The "Advanced ACL" link never shows up on the gui. Here's how to fix it. 1. Put this RPM file on your endian box: http://alumnus.caltech.edu/~igormt/endian/files/endian_2.1.2_squid_custom_ACL-1.0-1.noarch.rpm2. Log into your endian box via ssh.At the command line type: rpm -ivh endian_2.1.2_squid_ustom_ACL-1.0-1.noarch.rpm3. Edit the following with vi.vi /var/efw/er.pl4. Search in the file for $subhttp->{'07.pol5. Add the following below the chunk of code: $subhttp->{'08.advancedacl'} = { 'caption' => _('Advanced ACL'), 'uri' => '/cgi-bin/proxyacl.cgi', 'title' => _('HTTP: Advanced ACL'), 'enabled' => 1, };That's it. This add on is very valuable. I use it to easily filter doubleclick, remove *banners* *ads* etc.

ลุกขึ้นสู้ดีกว่ายอมตาย