Squid nao bloqueia

parkerzin
(usa Debian)

Enviado em 12/11/2008 - 12:29h

Olá pessoal, estou com uma dúvida de iniciante, fiz, refiz, e refiz o conf do squid, perguntei a varias pessoas, vi vários forums, ambos apontavam para o mesmo conf do qual eu já tinha feito, então pedi a ajuda de um amigo que já trabalho com o mesmo, ele me apontou um erro no squid, entao alterei o conf, mas agora nem ao menos pede autenticação, gostaria de saber se alguem pode me ajudar. O problema é que antigamente pedia autenticação, mas o mesmo não bloqueava as paginas que eram listadas na blacklist.Segue abaixo o conf.


#######################################
# #
# GRUPO FOX !! #
# #
# Heitor Lessa - R.A. 48244 #
# Ilicio Junior - R.A. 25810 #
# Marcos Santos - R.A. #
# Carlos Araujo - R.A. 48195 #
# Fabio Godoy - R.A. 48995 #
# #
#######################################

########################
# #
# Porta do proxy #
# #
########################

http_port 8080

########################
# #
# Nome do servidor #
# #
########################

visible_hostname foX

########################
# #
# Memoria do proxy #
# #
########################

cache_mem 60 MB

########################
# #
# Tamanho de objeto #
# #
########################

maximum_object_size_in_memory 5 MB
maximum_object_size 4 MB
minimum_object_size 0 KB

########################
# #
# Cache do swap #
# #
########################

cache_swap_low 90
cache_swap_high 100

########################
# #
# Local cache squid #
# #
########################

cache_dir ufs /var/spool/squid/cache1 400 16 256
cache_dir ufs /var/spool/squid/cache2 200 16 256

#########################
# #
# Exigindo autenticação #
# #
#########################

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/senhas
auth_param basic children 5
auth_param basic realm Grupo Fox - Digite seu login e senha.
auth_param basic credentialsttl 2 hours

########################
# #
# Log do squid #
# #
########################

cache_access_log /var/log/squid/access.log

########################
# #
# Erros em portugues #
# #
########################

error_directory /usr/share/squid/errors/Portuguese

########################
# #
# Lista de acesso - 1 #
# #
########################

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl rede_int src 13.1.1.0/255.255.255.0

#####################################
# #
# Lista de acesso - Portas seguras #
# #
#####################################

acl SSL_ports port 443 563
acl Safe_ports port 80 # Porta padrao HTTP
acl Safe_ports port 21 # Porta padrao FTP
acl Safe_ports port 443 563 # Porta padrao HTTPS, SNEWS
acl Safe_ports port 70 # Porta padrao GOPHER
acl Safe_ports port 210 # Porta padrao WAIS
acl Safe_ports port 1025-65535 # Portas nao registradas
acl Safe_ports port 280 # Porta HTTP-MGMT
acl Safe_ports port 488 # Porta GSS-HTTP
acl Safe_ports port 591 # Porta FILE MAKER
acl Safe_ports port 777 # Porta M. HTTP
acl Safe_ports port 901 # Porta padrao SWAT - SAMBA

##############################
# #
# Lista de acesso - Conexao #
# #
##############################

acl purge method PURGE
acl CONNECT method CONNECT

#############################################
# #
# Liberando ou negando as Listas de acesso #
# #
#############################################

http_access allow manager localhost
http_access allow rede_int
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid

###########################
# #
# Max. de conexao por IP #
# #
###########################

acl conexoes maxconn 2
http_access deny conexoes

#############################
# #
# Bloqueando a navegacao ! #
# #
#############################

acl extensao url_regex -i "/etc/squid/negar/extensao"
acl pag_usrs dstdomain "/etc/squid/negar/pag_usrs"
acl pag_usrs2 url_regex -i "/etc/squid/negar/pag_usrs"
acl pag_ger dstdomain "/etc/squid/negar/pag_ger"
acl palavras url_regex -i "/etc/squid/negar/palavras"

http_access deny extensao
http_access deny pag_usrs
http_access deny pag_usrs2
http_access deny palavras

########################
# #
# Grupos de usuarios #
# #
########################

acl users proxy_auth "/etc/squid/grupos/users" REQUIRED
acl admin proxy_auth "/etc/squid/grupos/admin" REQUIRED
acl geren proxy_auth "/etc/squid/grupos/geren" REQUIRED

##################################
# #
# Permissoes grupo - users #
# #
##################################

http_access deny users palavras
http_access deny users extensao
http_access deny users all
http_access allow users users

#########################
# #
# Permissao grupo geren #
# #
#########################

http_access deny geren palavras
http_access deny geren extensao
http_access deny geren all
http_access allow geren geren

#########################
# #
# Permissao grupo admin #
# #
#########################

http_access allow admin all

http_access deny all

-- Heitor Lessa