-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I got it working.=20 In case anyone cares...=20 I had to do this in the squid.conf file: acl blocked_sites dstdomain "/etc/squid/blocked" acl bademployee src 192.168.0.5 http_access deny blocked_sites bademployee /etc/squid/blocked is a file that lists all the sites mail.yahoo.com =2Ehotmail.com =2Ewildemail.com =2Emicrosoft.com that sort of thing. I had to enable all the debugging in squid so I could= tail=20 the log and see what was happening. I had the Allow all acl in place, so = that=20 was pretty much blowing over anything else I put in. I got rid of that an= d=20 everything works great. nathan Am 03 Dienstag, Dezember 2002 23:14 schrieb Nathan England: > I agree completely, but you must realise, this is Payson. If the employ= ee > shows up for work everyday, that's better than 99% of the rest of the > people in this town! > > We totally disabled net access before, but it became too much of a burd= en > for some of the others. > > We use cable access, and it has to dial up before you can use it. Becau= se > of this, I have not been able to get any IP chains stuff to work. Once = the > phone connection is dropped the net IP stays the same, but then we can = no > longer get to the cable modem to tell it to dial again. So I have to st= op > ipchains, then reset the IP address, then dialup, then reset the ipchai= ns > again. Until the line is dropped. Our phone lines really really suck. > > So, I made a script that checks if it's online and does nothing, but wh= en > it gets dropped, it automatically resets everything and allows us to ge= t > back to it and I do nothing... > > Now, hoping you understand the situation, when I set ipchains to block > 192.168.0.5 from accessing yahoo.com it never seems to work. > I'm not as fluent with ipchains as I should be, so maybe I'm doing it > wrong, or in the wrong spot in my script. > But doesn't yahoo have multple machines for mail.yahoo.com ? Or is it > always the same ip? > > What would I use? > > ipchains -A input -p tcp -s 192.168.0.5 -d mail.yahoo.com -j DENY > > ??? > > Thanks again. > > Am 03 Dienstag, Dezember 2002 22:55 schrieb Lee Levine: > > Tell the employee to either stop checking e-mail from work > > or go look for another job. > > > > After all, if he/she isn't working, then he/she shouldn't get paid. > > > > Taliesin MacAran > > Phoenix, Arizona > > My webpage http://kd7eth.net > > > > Taliesin's Az. Weather Page > > http://kd7eth.net/Weather.shtml > > MOLON LABE!!! > > > > GunFree Camps(tm) http://www.royalrife.com/990605.html > > > > The debate over whether to not to arm pilots has focused on the size = of > > the hole made by the projectile... With an unarmed pilot, the project= ile > > will be fired from an F-16 scrambled to intercept. I suggest that the > > F-16's projectile will make a larger hole than the handgun will. > > --JIM RICHARDSON > > ----- Original Message ----- > > From: "Nathan England" > > To: > > Sent: Tuesday, December 03, 2002 22:14 > > Subject: squid problem > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > > > I'm trying to block a specific web adress. A computer in my office is= on > > 192.168.0.5 > > I need to block that IP from going to mail.yahoo.com as the employee > > using that computer will not stop checking email and it has begun > > interfering with the employees work. > > > > I setup squid to keep track of the proxy access and I set the DHCP se= rver > > to give the 192.168.0.5 address a dns server of 127.0.0.1 so it has t= o > > use the proxy to access the net. > > Now I just can't get the ACL correct to block access to mail.yahoo.co= m > > or login.yahoo.com.. and a list of others, but if I can get one to wo= rk, > > I'll > > be happy. And any advice would be great! > > Even not using squid, if someone else knows an easy route to do this. > > Unfortunately, the employee does need net access for the job. > > > > Thanks > > > > - -- > > Nathan England > > > > plug at the-arcanum.org > > jabber id: linuxjunkie@jabber.earth.li > > > > "A free society is one where it is safe to be unpopular." > > - --Adlai Stevenson > > > > > > - ----------------------------------------------------------------- > > > > Registered Linux User #189789, Machine #106603 > > www.sincerechoice.org > > > > Spam related material will be forwarded to: > > uce@ftc.gov > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.0.7 (GNU/Linux) > > > > iD8DBQE97Y9OQ7yNnsYcupwRAiByAKCUMutojyNpjQjND//roph13vBRhwCffnZD > > PXQg4mTWTOkpK3evUaT4ckQ=3D > > =3Dw1pD > > -----END PGP SIGNATURE----- > > > > --------------------------------------------------- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change you mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > > > > --------------------------------------------------- > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > > To subscribe, unsubscribe, or to change you mail settings: > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss - --=20 Nathan England plug at the-arcanum.org jabber id: linuxjunkie@jabber.earth.li "A free society is one where it is safe to be unpopular." - --Adlai Stevenson - ----------------------------------------------------------------- Registered Linux User #189789, Machine #106603 www.sincerechoice.org Spam related material will be forwarded to: uce@ftc.gov -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE97be9Q7yNnsYcupwRArpxAKCgG7WYaohuQ8nU9DPR7KfIZ6gyogCgjZt8 qAF6hbM+MlR4MPI4+ctU+AY=3D =3Dh6Ah -----END PGP SIGNATURE-----