Time for action – writing rules for special access
Let's say john, michelle, and sarah are the usernames allotted to our administrators and 192.0.2.46, 192.0.2.9, and 192.0.2.182 are their respective IP addresses allotted to their laptops. In this case, we are allowing additional access when the requests are originating from the above IP addresses or if the requests are authenticated with the credentials of the aforementioned users. The required ACL lists should look similar to the following:
acl admin_laptops src 192.0.2.46 192.0.2.9 192.0.2.182 acl authenticated proxy_auth REQUIRED acl admin_user proxy_auth john michelle sarah acl work_related_websites dstdomain "/opt/squid/etc/work_websites"
Now, we need to allow everyone to access only work related websites, except administrators who should be able to access everything. Therefore, we should build the following access rules:
http_access allow admin_laptops http_access allow admin_user http_access allow localnet work_related_websites authenticated...
