Page 152 - RHEL8 BOOK
Step 4: Access Control List
Open the configuration file and write the ACLs as required. ACLs can be used for many things:
1. Restricting unwanted (bad) URLs
2. Restrict access to internet based on time period
3. Control Downloads
4. Restrict file type downloads
5. Allow Networks to enable Internet access
6. Download speed control
[root@server ~]# vim /etc/squid/squid.conf
Step 5: To allow a network, write the ACL lines below
acl localnet src 192.168.4.0/24
http_access allow localnet
Step 6: To allow ports using ACL
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
http_access deny !Safe_ports
Step 7: Block bad sites
acl badsites url_regex "/etc/squid/badsites"
http_access deny badsites
Step 8: Write the bad sites in the file
[root@server ~]# cat /etc/squid/badsites
.facebook.com
.twitter.com
.youtube.com
.linkedin
.msn.com
.myspace.com
.flickr.com
.google
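Added example (not from the book): a small Python model of Squid's first-match http_access evaluation, using the ACLs from Steps 5 to 8. It shows that with "http_access allow localnet" ahead of the deny lines the denies never apply to localnet clients, and that unescaped dots in url_regex patterns over-match. Assumptions: the function names, sample requests and the final "deny all" are constructed here, and Python's re module stands in for Squid's regex engine, which behaves the same for these simple patterns.

```python
import ipaddress
import re

# Patterns copied from the page's /etc/squid/badsites; url_regex is unanchored
# and an unescaped '.' matches any character.
BADSITES = [".facebook.com", ".twitter.com", ".youtube.com", ".linkedin",
            ".msn.com", ".myspace.com", ".flickr.com", ".google"]
ESCAPED = [re.escape(p) for p in BADSITES]   # e.g. \.facebook\.com
LOCALNET = ipaddress.ip_network("192.168.4.0/24")
SAFE_PORTS = {80, 21, 443, 70, 210, 280, 488, 591, 777} | set(range(1025, 65536))

def acl_matches(acl, req, patterns):
    """Evaluate one ACL name (a leading '!' negates it) against a request."""
    negate, name = acl.startswith("!"), acl.lstrip("!")
    if name == "localnet":
        hit = ipaddress.ip_address(req["src"]) in LOCALNET
    elif name == "Safe_ports":
        hit = req["port"] in SAFE_PORTS
    elif name == "badsites":
        hit = any(re.search(p, req["url"]) for p in patterns)
    else:  # "all"
        hit = True
    return hit != negate

def decide(rules, req, patterns=BADSITES):
    """Return the action of the first http_access line whose ACL matches."""
    for action, acl in rules:
        if acl_matches(acl, req, patterns):
            return action
    return "deny"  # model simplification: nothing matched

# The http_access lines in the order Steps 5-7 introduce them, then reordered.
# The final "deny all" is an added catch-all, not a line from the page.
STEP_ORDER = [("allow", "localnet"), ("deny", "!Safe_ports"),
              ("deny", "badsites"), ("deny", "all")]
DENY_FIRST = [("deny", "!Safe_ports"), ("deny", "badsites"),
              ("allow", "localnet"), ("deny", "all")]

# Constructed sample requests from a client inside 192.168.4.0/24.
SITE = {"src": "192.168.4.10", "port": 80, "url": "http://www.facebook.com/"}
ODD_PORT = {"src": "192.168.4.10", "port": 25, "url": "http://mail.example:25/"}
LOOKALIKE = {"src": "192.168.4.10", "port": 80,
             "url": "http://intranet.example/docs/googleapis.html"}

if __name__ == "__main__":
    for name, req in [("SITE", SITE), ("ODD_PORT", ODD_PORT), ("LOOKALIKE", LOOKALIKE)]:
        print(name, decide(STEP_ORDER, req), decide(DENY_FIRST, req),
              decide(DENY_FIRST, req, ESCAPED))
```

In squid.conf this means placing the "http_access deny" lines above "http_access allow localnet". Escaping the dots in the badsites file keeps a pattern such as .google from matching unrelated URLs.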
Step 9: Block file downloads
acl blockfiles urlpath_regex "/etc/squid/blockfiles.acl"
http_access deny blockfiles
S. Pradhan
(MCA, MBA-IT, BCA, CCNA, MCSA 2012, RHCE, ETHICAL HACKING)
Email Id:-spradhan.iiht@gmail.com