Bloqueio por horario

1. Bloqueio por horario

Henrique Rodrigues
henriquebh

(usa Debian)

Enviado em 03/01/2012 - 11:40h

Bom dia pessoal do VOL
Venho mais uma vez solicitar uma ajuda de voces
Tenho no meu squid.conf a seguinte ACL

# ********** >> TAG -> bloqueio com base no horario << ********** #
acl words dstdom_regex -i "/etc/squid/var/db/words"
acl web_mail url_regex "/etc/squid/var/db/web_mail"
acl h_pri_turno time MTWHF 00:00-06:59
acl h_seg_turno time MTWHF 11:00-12:59
acl h_ter_turno time MTWHF 17:00-23:59

http_access allow words web_mail h_pri_turno
http_access allow words web_mail h_seg_turno
http_access allow words web_mail h_ter_turno

Mas nao esta funcionando.
Ele continua bloqueando todas as palavras e webmails independente do horario
Alguem pode me ajudar?


  


2. Re: Bloqueio por horario

Reginaldo de Matias
saitam

(usa Slackware)

Enviado em 03/01/2012 - 11:47h

poste seu squid.conf completo para analisarmos!




3. Re: Bloqueio por horario

Henrique Rodrigues
henriquebh

(usa Debian)

Enviado em 03/01/2012 - 11:53h

http_port 192.168.1.3:3128
visible_hostname Servidor.Avatar.Block

hierarchy_stoplist cgi-bin ?

cache_mem 64 MB
maximum_object_size_in_memory 20 KB
maximum_object_size 4096 KB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95

# ********** >> TAG -> log_format << ********** #
logformat custom %>A %Ss %Hs %tl %ru %mt

# ********** >> TAG -> access_log << ********** #
access_log /etc/squid/var/log/access.log custom

# ********** >> TAG -> cache_log << ********** #
cache_log /etc/squid/var/log/cache.log custom

# ********** >> TAG -> cache_store_log << ********** #
cache_store_log /etc/squid/var/log/store.log custom

# ********** >> TAG -> diretorio do cache << ********** #
cache_dir ufs /etc/squid/var/cache 100 16 256

# ********** >> TAG -> padrao de atualizacao do cache << ********** #
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280

# ********** >> TAG -> broken_vary_encoding << ********** #
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

# ********** >> TAG -> acesso liberado para alguns sites << ********** #
acl sites dstdomain "/etc/squid/var/db/sites"
http_access allow sites

# ********** >> TAG -> autenticacao SQUID no AD << ********** #
auth_param basic program /usr/lib/squid/ldap_auth -R -b "dc=dominio,dc=local" -D "cn=squid,cn=users,dc=dominio,dc=local" -w "123456" -f sAMAccountName=%s -h 192.168.254.1
auth_param basic realm " Monitoramento de Acesso "
acl autentica proxy_auth REQUIRED

# ********** >> TAG -> bloqueio de Usuarios Global << ********** #
acl no_access proxy_auth "/etc/squid/var/db/no_access"
http_access deny no_access

# ********** >> TAG -> usuarios sem restricoes de sites << ********** #
acl liberdade proxy_auth "/etc/squid/var/db/liberdade"
http_access allow liberdade

# ********** >> TAG -> controle de acesso << ********** #
acl all src 0.0.0.0/0.0.0.0
acl net_int src 192.168.254.0/255.255.255.0
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl manager proto cache_object
acl Safe_ports port 443 563 # HTTPS, SNEWS
acl Safe_ports port 80 # HTTP
acl Safe_ports port 21 # FTP
acl Safe_ports port 25 # SMTP
acl Safe_ports port 110 # POP3
acl Safe_ports port 443 563 # HTTPS, SNEWS
acl Safe_ports port 70 # GOPHER
acl Safe_ports port 210 # WAIS
acl Safe_ports port 1025-65535 # UNREGISTERED PORTS
acl Safe_ports port 280 # HTTP-MGMT
acl Safe_ports port 488 # GSS-HTTP
acl Safe_ports port 591 # FILEMAKER
acl Safe_ports port 777 # MULTILING HTTP
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access allow localhost
http_access deny to_localhost

# ********** >> TAG -> Bloqueio Compras Coletivass << ********** #z
acl compras url_regex -i "/etc/squid/var/db/compras"
http_access deny compras

# ********** >> TAG -> bloqueio do MSN << ********** #
acl msn url_regex -i /gateway/gateway.dll
http_access deny msn

# ********** >> TAG -> bloqueio com base em menssagem instantanea << ********** #
acl instant_messaging dstdom_regex "/etc/squid/var/db/instant_messaging"
http_access deny instant_messaging

# ********** >> TAG -> bloqueio com base em proxy externo << ********** #
acl proxy dstdom_regex "/etc/squid/var/db/proxy"
http_access deny proxy

# ********** >> TAG -> bloqueio baseado em dominios especificos << ********** #z
acl dominios dstdomain "/etc/squid/var/db/dominios"
http_access deny dominios

# ********** >> TAG -> bloqueio baseado em spyware << ********** #
acl spyware dstdomain "/etc/squid/var/db/spyware"
http_access deny spyware

# ********** >> TAG -> bloqueio baseado em antispyware << ********** #
acl antispyware dstdomain "/etc/squid/var/db/antispyware"
http_access deny antispyware

# ********** >> TAG -> bloqueio com base em hacker << ********** #
acl hacker dstdom_regex "/etc/squid/var/db/hacker"
http_access deny hacker

# ********** >> TAG -> bloqueio com base em violacao direitos autorais << ********** #
acl ilegal dstdom_regex "/etc/squid/var/db/ilegal"
http_access deny ilegal

# ********** >> TAG -> bloqueio com base em extensoes << ********** #
acl downloads urlpath_regex -i "/etc/squid/var/db/downloads"
http_access deny downloads

# ********** >> TAG -> acesso Google & Google_talk << ********** #
acl deny_webgoogletalk url_regex -i mail.google.com/mail/channel/bind
acl allow_wwwgooglebr url_regex -i www.google.com.br">www.google.com.br
acl allow_wwwgoogle url_regex -i www.google.com
acl allow_wwwgoogleimg url_regex -i images.google.com
acl allow_wwwgooglegroups url_regex -i groups.google.com
acl allow_wwwgooglenews url_regex -i news.google.com
acl allow_wwwgooglemail url_regex -i mail.google.com
acl allow_wwwgoogletranslate url_regex -i www.translate.google.com
acl gtalk1 dstdomain chatenabled.mail.google.com
acl gtalk2 dstdomain googlemail.1.google.com

http_access deny deny_webgoogletalk
http_access allow allow_wwwgooglebr
http_access allow allow_wwwgoogle
http_access allow allow_wwwgoogleimg
http_access allow allow_wwwgooglegroups
http_access allow allow_wwwgooglenews
http_access allow allow_wwwgooglemail
http_access allow allow_wwwgoogletranslate
http_access deny gtalk1
http_access deny gtalk2

# ********** >> TAG -> bloqueio com base em palavras << ********** #
#acl palavras dstdom_regex "/etc/squid/var/db/palavras"
#http_access deny palavras

# ********** >> TAG -> libera web mail para alguns usuarios << ********** #
acl access_mail proxy_auth "/etc/squid/var/db/access_mail"
http_access allow access_mail

# ********** >> TAG -> liberados com base em extensoes para email << ********** #
acl downloads_mail urlpath_regex -i "/etc/squid/var/db/downloads_mail"
http_access allow downloads_mail

# ********** >> TAG -> bloqueio com base em words << ********** #
#acl words dstdom_regex "/etc/squid/var/db/words"
#http_access deny words

# ********** >> TAG -> bloqueio com base no horário << ********** #
# acl permit_webmail url_regex -i \webmail.exe$
# http_access deny permit_webmail h_pri_turno
acl words dstdom_regex -i "/etc/squid/var/db/words"
acl web_mail url_regex "/etc/squid/var/db/web_mail"
acl h_pri_turno time MTWHF 00:00-06:59
acl h_seg_turno time MTWHF 11:00-12:59
acl h_ter_turno time MTWHF 17:00-23:59

http_access allow words web_mail h_pri_turno
http_access allow words web_mail h_seg_turno
http_access allow words web_mail h_ter_turno

# ********** >> TAG -> final da uutenticacao e libera rede local para usuarios << ********** #
http_access allow autentica
http_access allow net_int

# ********** >> TAG -> nega cache local, para nao haver duplicacao << ********** #
acl localcache dstdomain 192.168.254.3
cache deny localcache

# ********** >> TAG -> bloqueio de tudo que nao foi exposto anteriormente << ********** #
http_access deny all
##
##################################################################################








Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts