Autenticação e bloqueio de palavras e site no squid [RESOLVIDO]

1. Autenticação e bloqueio de palavras e site no squid [RESOLVIDO]

felixdinizz
(usa Ubuntu)

Enviado em 21/02/2014 - 17:24h

Prezados, boa tarde!
Tenho ubuntu 12.04 instalado rodando squid3, o problema que esta ocorrendo é:
O squid3 autentica usuário, mas não bloqueia palavras e sites, queria bloquear por palavras, site, download, e horário somente algumas pessoas, diretoria acesso total.

#SQUID 3.0

http_port 3128

visible_hostname RESTRICTED_AREA_CONTACT_NETWORK_ADMINISTRATOR

cache_access_log /var/log/squid3/access.log

#######################################
## REGRAS DE AUTENTICAÃDE USUARIO ##
#######################################
auth_param basic realm "Entre com seu usuario e senha"
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/squid3_passwd
auth_param basic children 5
#auth_param basic credentialsttl 8 hours ###( tempo que o usuario ficara logado ate pedir autenticacao novamete )
auth_param basic casesensitive off ### ( Case sensitive on diferencia maiuscula e minusculas )
acl autenticados proxy_auth REQUIRED
http_access allow autenticados

cache_mem 64 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 512 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid3 2048 16 256
cache_access_log /var/log/squid3/access.log
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255

acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl SSL_ports port 22 #ssh
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl afe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # swat
acl Safe_ports port 1025-65535 # portas altas
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

#############################################
## Regra para liberar em horario de almoco ##
#############################################
acl INTERVALO time SMTWHFA 12:00-14:00
http_access allow ENTRETENIMENTO

#############################
##Regra bloqueando palavras##
#############################
acl palavras_bloqueadas dstdom_regex "/etc/squid3/palavras_bloqueadas.txt"
http_access deny palavras_bloqueadas

#############################
## Regra bloqueando site ##
#############################
acl sites_bloqueados proxy_auth "/etc/squid3/sites_bloqueados.txt"
http_access deny sites_bloqueados

#############################
## Regra bloqueando por IP ##
#############################
acl ipsbloqueados src "/etc/squid3/ipsbloqueados.txt"
http_access deny ipsbloqueados

##############################################
## Regra bloqueando por extencao de arquivo ##
##############################################
acl extban url_regex -i "/etc/squid3/extban.txt"
http_access deny extban

error_directory /usr/share/squid3/errors/Portuguese/
coredump_dir /var/spool/squid3/

acl redelocal src 192.168.1.0/24
http_access allow localhost
http_access allow redelocal
http_access deny all

0 0

Quote

2. Re: Autenticação e bloqueio de palavras e site no squid [RESOLVIDO]

prsouza91
(usa Ubuntu)

Enviado em 24/02/2014 - 14:21h

Cara, coloque suas regras de bloqueio por exemplo "http_access deny palavras_bloqueadas" antes das regras
"http_access deny !Safe_ports"
"http_access deny CONNECT !SSL_ports"

pois o squid vai ler esse arquivo de cima para baixo, sendo assim ele irá ler primeiro a regra de bloqueio e depois
as de liberação.
Se eu estiver errado me desculpe hehe não sou experiente, mas acredito que seja isso..

Até mais

0 0

Quote