pok182
(usa Ubuntu)
Enviado em 05/05/2010 - 16:02h
Meu squid.conf (lembrando que meu ip é 192.168.0.50 e é esse ip que tem que passar direto pelo firewall e pelo squid)
#Default:
http_port 3128
#We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?
#We recommend you to use the following two lines.
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
hosts_file /etc/hosts
#auth_param ntlm use_ntlm_negotiate off
#auth_param basic program /usr/bin/ncsa_auth /etc/squid/passwd
auth_param basic program /usr/lib/squid/ncsa_auth /usr/local/squid/etc/passwd
auth_param basic children 5
auth_param basic realm Digite o usuario e a senha
auth_param basic credentialsttl 40 minute
auth_param basic casesensitive off
#Regras e ACLs de Grupos e Acessos
acl ip_livre src "/etc/squid/acls/ip_livre"
acl grpacessorestrito proxy_auth "/etc/squid/acls/grpacessorestrito"
acl grpacessototal proxy_auth "/etc/squid/acls/grpacessototal"
acl grpacessototal2 proxy_auth "/etc/squid/acls/grpacessototal2"
acl grpantivirus proxy_auth "/etc/squid/acls/grpantivirus"
acl grpjuridico proxy_auth "/etc/squid/acls/grpjuridico"
acl grpcompras proxy_auth "/etc/squid/acls/grpcompras"
acl grppresidencia proxy_auth "/etc/squid/acls/grppresidencia"
acl grplicitacao proxy_auth "/etc/squid/acls/grplicitacao"
acl grpadm proxy_auth "/etc/squid/acls/grpadm"
acl grpdp proxy_auth "/etc/squid/acls/grpdp"
acl grpplantao proxy_auth "/etc/squid/acls/grpplantao"
acl blacklist url_regex "/etc/squid/acls/blacklist"
acl blacklist2 url_regex "/etc/squid/acls/blacklist2"
acl url_free url_regex "/etc/squid/acls/url_free"
acl url_bloqueios url_regex "/etc/squid/acls/url_bloqueios"
acl url_liberados url_regex "/etc/squid/acls/url_liberados"
acl url_antivirus url_regex "/etc/squid/acls/url_antivirus"
acl url_compras url_regex "/etc/squid/acls/url_compras"
acl url_adm url_regex "/etc/squid/acls/url_adm"
acl url_plantao url_regex "/etc/squid/acls/url_plantao"
acl url_dp url_regex "/etc/squid/acls/url_dp"
#acl ip_livre src "/etc/squid/acls/ip_livre"
# DEFINE O CAMINHO DO ARQUIVO DE USUÃOS LIBERADOS
acl usuarios_liberados proxy_auth "/etc/squid/acls/usuarios_liberados" http_access allow usuarios_liberados # DEFINE O CAMINHO DO ARQUIVO DE SITES BLOQUEADOS
acl sites_bloqueados url_regex -i "/etc/squid/acls/sites_bloqueados"
#http_access deny sites_bloqueados
#Bloquei MSN
acl msn url_regex -i /gateway/gateway.dll
http_access deny msn
# DEFINE O CAMINHO DO ARQUIVO DE PALAVRAS BLOQUEADAS
acl palavras_bloqueadas dstdom_regex "/etc/squid/acls/palavras_bloqueadas"
#http_access deny palavras_bloqueadas
#Suggested default:
#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl access proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
http_access allow url_free
http_access allow ip_livre
http_access allow grpacessototal
acl autenticacao proxy_auth REQUIRED
http_access deny palavras_bloqueadas
http_access deny sites_bloqueados
http_access deny blacklist !grpacessototal
#http_access deny blacklist2 !grpacessototal
#http_access allow grpacessototal
http_access allow grpacessototal2 !blacklist2
http_access allow grpacessorestrito url_liberados
http_access allow grpjuridico !blacklist2
http_access allow grppresidencia
http_access allow grplicitacao !blacklist2
http_access allow grpcompras !blacklist2
http_access allow grpantivirus url_antivirus
http_access allow grpadm url_adm
http_access allow grpplantao url_plantao
http_access allow grpdp url_dp
http_access deny url_bloqueios
acl manager proto cache_object
http_access allow autenticacao
http_access deny all
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
# Only allow purge requests from localhost
http_access allow purge localhost
http_access deny purge
http_access allow purge localhost
http_access deny purge
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
http_reply_access allow all
icp_access allow all
visible_hostname ubuntu2
# TAG: unique_hostname
#Default:
cachemgr_passwd teste all
#Default:
error_directory /usr/share/squid/errors/pt-br
# GERA O RELATÃO PARA VISUALIZAR OS SITES ACESSADOS
cache_access_log /var/log/squid/access.log
# OPÃS DO CACHE (1)= diz que seráeservado *** MB em disco (2)= que poderáaver ** diretós (3)= indica o nú mámo aceito de arquivos por diretó.
cache_dir ufs /var/cache/squid 5000 16 256
#TAMANHO DE MEMORIA RAM QUE O SERVIDOR DISPONIBILIZARA PARA REALIZAR AS CONSULTAS
cache_mem 8 MB
#Tamanho mámo de um objeto
maximum_object_size 40960 KB
#Tamanho mámo de um objeto na memó RAM, caso o objeto seja
#maior que o valor estipulado ele seráravado direto no disco
maximum_object_size_in_memory 128 KB
# Leave coredumps in the first cache dir
# ESSE coredump_dir /var/spool/squid
#ignore_expect_100 off
