squid (squid.conf)
Conf do squid bastante simples e funcional
Categoria: Segurança
Software: squid
[ Hits: 8.168 ]
Por: Bruno Salmito Filizola de Faria
Conf com bloqueio de palavras chaves, bloqueio de download por extensão de arquivos, bloqueio e liberação de sites e domínios e proxy transparente.
http_port 0.0.0.0:8080 #Ip do servidor proxy / porta utilizada hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY ftp_user Squid@ ftp_passive on hosts_file /etc/hosts refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl manager proto cache_object acl SSL_ports port 443 563 acl SSL_ports port 873 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl Safe_ports port 631 acl Safe_ports port 873 acl Safe_ports port 901 acl Safe_ports port 1338 #Millenium Worm acl Safe_ports port 6776 #Sub 7 acl purge method PURGE acl CONNECT method CONNECT ######################### cache_dir ufs /var/spool/squid 1024 16 256 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl rede src 0.0.0.0/0.0.0.0 #Rede linterna acl Safe_ports port 8080 acl CONNECT method CONNECT acl liberadominio dstdomain "/etc/squid/Regras/regras_acesso" #Coloque aqui os sites a serem liberados acl acesso url_regex -i "/etc/squid/Regras/acesso" #Coloque aqui os sites bloqueados ######################### acl bloq_extensao url_regex "/etc/squid/Regras/extensao" #Coloque aqui estensões a serem bloqueadas ######################### acl palavra url_regex -i "/etc/squid/Regras/regras_palavras" #Coloque aqui as palavras chaves a serem bloqueadas acl palavra url_regex -i "/etc/squid/Regras/palavras" # Esta regra bloqueia todas as palavras sem diferencias maiusculas de minusculas ######################### acl malware_block_list url_regex -i "/etc/squid/Regras/malware" ######################### ########### REGRAS ############## http_access allow rede liberadominio http_access deny all malware_block_list http_access deny all bloq_sites ######################### http_access deny all palavra ######################### http_access deny all bloq_extensao ######################### http_access allow manager localhost http_access allow rede http_access deny !Safe_ports http_access deny all ######################### cache_effective_user proxy cache_effective_group proxy visible_hostname Proxy Server ######################### deny_info ERR_ACCESS_URL bloq_sites deny_info ERR_ACCESS_MALWARE malware_block_list ######################### deny_info ERR_ACCESS_FILE palavra ######################### deny_info ERR_ACCESS_DOWN bloq_extensao ######################### error_directory /usr/share/squid/errors/Portuguese/ ######################### httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on #########################
Melhorando o tempo de boot do Fedora e outras distribuições
Como instalar as extensões Dash To Dock e Hide Top Bar no Gnome 45/46
E a guerra contra bots continua
Tradução do artigo do filósofo Gottfried Wilhelm Leibniz sobre o sistema binário
Conheça o firewall OpenGFW, uma implementação do (Great Firewall of China).
Instalando o FreeOffice no LMDE 6
Anki: Remover Tags de Estilo HTML de Todas as Cartas
Colocando uma opção de redimensionamento de imagem no menu de contexto do KDE
Problema com alias usando locate (6)
Como adicionar módulo de saúde da bateria dos notebooks Acer ao kernel... (20)
Alguém pode me ajudar porfavor como executar comandos ao iniciar no i3... (1)
[Shell Script] Script para desinstalar pacotes desnecessários no OpenSuse
[Shell Script] Script para criar certificados de forma automatizada no OpenVpn
[Shell Script] Conversor de vídeo com opção de legenda
[C/C++] BRT - Bulk Renaming Tool
[Shell Script] Criação de Usuarios , Grupo e instalação do servidor de arquivos samba