garibeiro
(usa Debian)
Enviado em 09/08/2012 - 09:58h
Fala Brother beleza ? segue abaixo o meu script, se puder me ajudar agradeço e muito.
http_port 3128
visible_hostname vsproxy1.valesaude.net
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
pid_filename /var/run/squid.pid
cache_effective_user proxy
cache_effective_group proxy
cache_mem 256 MB
cache_dir ufs /var/spool/squid3 2048 16 256
cache_access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log
cache_swap_low 90
cache_swap_high 95
maximum_object_size_in_memory 128 KB
maximum_object_size 64 MB
minimum_object_size 0 KB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
auth_param basic program /usr/lib/squid3/squid_ldap_auth -R -b "dc=valesaude,dc=net" -D "cn=squid,ou=Internet,dc=valesaude,dc=net" -w "smvsal2k8" -f sAMAccountName=%s -h 192.168.90.6
auth_param basic children 5
auth_param basic realm teste
auth_param basic credentialsttl 30 minutes
acl autentica proxy_auth REQUIRED
external_acl_type ldap_group %LOGIN /usr/lib/squid3/squid_ldap_group -R -b "dc=valesaude,dc=net" -D "cn=squid,ou=Internet,dc=valesaude,dc=net" -w "smvsal2k8" -f (&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=valesaude,dc=net)) -h 192.168.90.6
acl manager proto cache_object
acl redelocal src 192.168.90.0/24
acl SSL_ports port 443 563 2096 19638
acl Safe_ports port 80 81 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access deny manager
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl PornoURLs url_regex "/etc/squid3/
[*****]"
acl sem_autenticacao url_regex -i "/etc/squid3/conteudo/palavras"
acl bloqueados url_regex -i "/etc/squid3/conteudo/denied"
acl streaming rep_mime_type ^video/x-ms-asf
acl musica url_regex -i "/etc/squid3/conteudo/musica"
acl liberados url_regex -i "/etc/squid3/conteudo/liberados"
acl almoco time MTWHFAS 12:30-13:30
acl tarde time MTWHFAS 17:30-18:00
acl Skype url_regex ^[0-9]+.[0-9]+.[0-9]+.[0-9]+
acl msn1 url_regex -i "/etc/squid3/conteudo/msn1.txt"
acl msn2 dstdomain -i "/etc/squid3/conteudo/msn2.txt"
acl AcessoRestrito external ldap_group AcessoRestrito
acl AcessoPadrao external ldap_group AcessoPadrao
acl AcessoTotal external ldap_group AcessoTotal
acl AcessoLivre external ldap_group AcessoLivre
#http_access allow sem_autenticacao
http_access allow CONNECT skype all
http_access allow msn1
http_access allow msn2
http_access allow AcessoTotal
http_access deny musica streaming
#http_access allow AcessoPadrao almoco
#http_access allow AcessoPadrao tarde
http_access allow AcessoPadrao liberados
http_access deny AcessoPadrao bloqueados
http_access deny AcessoRestrito bloqueados
http_access deny AcessoRestrito all
http_access deny AcessoLivre PornoURLs
http_access allow AcessoLivre
#http_access allow autentica redelocal
#http_access allow redelocal
http_access deny all