A guide to configuring Access Control Lists (ACL) in Squid
ACL stands for Access Control List. An ACL specifies who is allowed to access what, and which operations each party is allowed to perform on a system. Squid Proxy Server uses ACLs to control access to the Squid proxy daemon. This article covers some points about ACL configuration in Squid.
Create a basic ACL for hosts
To define an ACL for a particular list of IPs that can use the Squid proxy, we use the following directive in the Squid configuration file (/etc/squid/squid.conf):
acl list1 src IP1 IP2 IP3 IP4 …… IPN
In the above directive, list1 is the name of the access control list, which consists of a group of IP addresses. The directive src specifies that the listed IP addresses are the sources that will access the Squid proxy.
To control which IP addresses or hosts traffic from the Squid proxy can or cannot go to, define an ACL using the following directive in the Squid configuration file (/etc/squid/squid.conf):
acl list2 dst IP1 IP2 IP3 IP4 …… IPN
Note the use of the dst directive instead of the src directive shown earlier.
Create a basic ACL for ports
You can also create an access list for ports that you may or may not want clients to connect to. This is configured with the following directive in the same /etc/squid/squid.conf file:
acl PORT_NAME port PORT_NUMBER
The two configurations shown above are just the basics. For more, see this advanced Squid configuration guide.
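An acl line only names a set of addresses or ports; it takes effect once an http_access rule refers to it. The fragment below is an added example, not from the original article, showing the src, dst and port ACL types from this guide wired to http_access rules. The ACL names are made up and the addresses are constructed values from documentation ranges.

```conf
# Constructed example squid.conf fragment; names and addresses are placeholders.

# Clients allowed to use the proxy (src = source address of the request)
acl office_clients src 192.0.2.0/24 198.51.100.10

# Destinations the proxy must never fetch from (dst = destination address)
acl blocked_servers dst 203.0.113.5 203.0.113.6

# Destination ports clients may reach through the proxy
acl web_ports port 80 443

# http_access rules are checked top to bottom; the first matching rule decides.
# Refuse any request to a port outside web_ports (! negates the ACL).
http_access deny !web_ports
# Refuse requests to the blocked destinations, even from allowed clients.
http_access deny blocked_servers
# Allow the named clients for everything that was not refused above.
http_access allow office_clients
# Refuse everyone else; "all" is Squid's built-in ACL matching any source.
http_access deny all
```

Running `squid -k parse` checks the file for syntax errors before the configuration is reloaded.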