Squid Autenticando no Mysql = Centos

1. Squid Autenticando no Mysql = Centos

willcamarg
(usa CentOS)

Enviado em 07/11/2012 - 21:36h

Ola, esse é meu squid preciso que Ele autentique no mysql, usava essa configuração no ubuntu server, agora no centos como quais são os caminhos??? ainda não consegui achar.

__________________________________________________________
#Recommended minimum configuration:



acl manager proto cache_object

acl localhost src 127.0.0.1/32

acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

acl purge method PURGE

#acl all src 0.0.0.0/0.0.0.0 ##nao precisa no squid



acl rede_adm src 10.101.0.0/24

acl rede_labinf src 192.168.2.0/24 





#access_log /var/log/squid/access.log squid

cache_log /var/log/squid/cache.log

cache_store_log /var/log/squid/store.log



# Example rule allowing access from your local networks.

# Adapt to list your (internal) IP networks from where browsing

# should be allowed



acl localnet src 10.0.0.0/24     # RFC1918 possible internal network

acl localnet src 172.16.0.0/24   # RFC1918 possible internal network

acl localnet src 192.168.0.0/24  # RFC1918 possible internal network

#acl localnet src fc00::/7       # RFC 4193 local private network range

#acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines



acl SSL_ports port 443

acl Safe_ports port 80          # http

acl Safe_ports port 8213        # ufv

acl Safe_ports port 21          # ftp

acl Safe_ports port 443         # https

acl Safe_ports port 70          # gopher

acl Safe_ports port 210         # wais

acl Safe_ports port 1025-65535  # unregistered ports

acl Safe_ports port 280         # http-mgmt

acl Safe_ports port 488         # gss-http

acl Safe_ports port 591         # filemaker

acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT



##Filtro de conteúdo e autenticação

auth_param basic program /usr/lib/squid/mysqlt_auth

auth_param basic children 5

auth_param basic realm Laboratorio de informatica

auth_param basic credentialsttl 2 hours

acl password proxy_auth REQUIRED



################################################

###  REGRA GERAIS DE ACESSO                  ###

acl tecnicos_lab proxy_auth "/etc/squid/tecnicos

################################################

###  REGRA HORARIO DE ACESSO DO ORKUT E OUTROS ###

acl horario time 11:45-13:15

acl almoco url_regex -i "/etc/squid/regras/horario_almoco"

http_access allow almoco horario



#######   Sites sem cache ##########

acl sitesemcache url_regex -i "/etc/squid/regras/sites-no-cache"

no_cache deny sitesemcache



acl messenger urlpath_regex gateway.dll



acl ips_liberados src "/etc/squid/regras/ips_liberados"

acl ips_bloqueados src "/etc/squid/regras/ips_bloqueados"



acl download_proibidos_geral url_regex -i "/etc/squid/regras/download_proibidos_geral"

acl download_proibidos_adm url_regex -i "/etc/squid/regras/download_proibidos_adm"

acl download_proibidos_labinf url_regex -i "/etc/squid/regras/download_proibidos_labinf"

acl dominios_proibidos_geral url_regex -i "/etc/squid/regras/dominios_proibidos_geral"

acl dominios_proibidos_adm url_regex -i "/etc/squid/regras/dominios_proibidos_adm"

acl dominios_proibidos_labinf url_regex -i "/etc/squid/regras/dominios_proibidos_labinf"



acl palavras_proibidas_geral url_regex -i "/etc/squid/regras/palavras_proibidas_geral"

acl palavras_proibidas_adm url_regex -i "/etc/squid/regras/palavras_proibidas_adm"

acl palavras_proibidas_labinf url_regex -i "/etc/squid/regras/palavras_proibidas_labinf"



acl palavras_liberadas_geral url_regex -i "/etc/squid/regras/palavras_liberadas_geral"

acl palavras_liberadas_adm url_regex -i "/etc/squid/regras/palavras_liberadas_adm"

acl palavras_liberadas_labinf url_regex -i "/etc/squid/regras/palavras_liberadas_labinf"

acl dominios_liberados_geral dstdomain -i "/etc/squid/regras/dominios_liberados_geral"



#

# Recommended minimum Access Permission configuration:

#

# Only allow cachemgr access from localhost

http_access allow all tecnicos_lab

http_access allow manager localhost

http_access deny manager



# Deny requests to certain unsafe ports

http_access deny !Safe_ports



# Deny CONNECT to other than secure SSL ports

http_access deny CONNECT !SSL_ports



# We strongly recommend the following be uncommented to protect innocent

# web applications running on the proxy server who think the only

# one who can access services on "localhost" is a local user

#http_access deny to_localhost



#http_access deny streaming

http_access deny messenger rede_adm

http_access deny messenger rede_labinf



http_access allow ips_liberados

http_access deny ips_bloqueados



http_access allow dominios_liberados_geral rede_adm

http_access allow dominios_liberados_geral rede_labinf



#BLOQUEIO DE DOWNLOAD POR EXTENSAO



acl bloqueiodownload urlpath_regex  \.mp4$ \.flv$ \.rar$ \.cab$ \.ocx$ \.asf$ \.wmv$ \.mpg$ \.mpeg$ \.avi$ \.mov$ \.divx$ \.ogm$ \.mp3$ \.wma$ \.rm$ \.ram$ \.com$ \.scr$ \.pif$ \.bat$ \.arj$ \.ace$ \.tar$ \.gz$ \.z$ \.bin$ \.lzh$ \.lha$ \.exe$ \.mp4?$\.flv?$ \.rar?$ \.cab?$ \.ocx?$ \.asf?$ \.wmv?$ \.mpg?$ \.mpeg?$ \.avi?$ \.mov?$ \.divx?$ \.ogm?$ \.mp3?$ \.wma?$ \.rm?$ \.ram?$ \.com?$ \.scr?$ \.pif?$ \.bat?$ \.arj?$ \.ace?$ \.tar?$ \.gz?$ \.z?$ \.bin?$ \.lzh?$ \.lha?$ \.exe?$ !dominios_liberados_geral



http_access deny download_proibidos_geral rede_adm

http_access deny download_proibidos_geral rede_labinf



http_access deny download_proibidos_adm rede_adm

http_access deny download_proibidos_labinf rede_labinf



http_access deny dominios_proibidos_geral rede_adm

http_access deny dominios_proibidos_geral rede_labinf

http_access deny dominios_proibidos_adm rede_adm

http_access deny dominios_proibidos_labinf rede_labinf



http_access deny palavras_proibidas_geral !palavras_liberadas_geral rede_adm

http_access deny palavras_proibidas_geral !palavras_liberadas_geral rede_labinf

http_access deny palavras_proibidas_adm !palavras_liberadas_adm rede_adm

http_access deny palavras_proibidas_labinf !palavras_liberadas_labinf rede_labinf



http_access allow rede_adm

http_access allow rede_labinf



http_access deny all



#Allow HTCP queries from local networks only

#htcp_access allow rede_adm

#htcp_access allow rede_labinf

#htcp_access deny all



#

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

#



# Example rule allowing access from your local networks.

# Adapt localnet in the ACL section to list your (internal) IP networks

# from where browsing should be allowed

http_access allow localnet

http_access allow localhost



# Squid normally listens to port 3128

http_port 3128 

visible_hostname labinf - Informatica



# We recommend you to use at least the following line.

hierarchy_stoplist cgi-bin ?



# Uncomment and adjust the following to add a disk cache directory.

#cache_dir ufs /var/spool/squid 100 16 256



# Leave coredumps in the first cache dir

cache_dir ufs /var/spool/squid 2048 16 256



# Add any of your own refresh_pattern entries above these.

refresh_pattern ^ftp:           1440    20%     10080

refresh_pattern ^gopher:        1440    0%      1440

refresh_pattern -i (/cgi-bin/|\?) -1    0%      0

refresh_pattern .               0       20%     4320



cache_effective_user proxy

cache_effective_group Proxy