comfaa
(usa Debian)
Enviado em 12/05/2009 - 08:42h
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_dir ufs /var/spool/squid 100 16 256
hosts_file /etc/hosts
# Ativa a Autenticacao
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic children 10
auth_param basic realm Usuario Restrito
auth_param basic credentialsttl 1 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
## Primeiras configuracoes
acl manager proto cache_object
acl localhost src 192.168.1.5
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
#acl Safe_ports port 25 # smtp
#acl Safe_ports port 110 # pop3
#acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # Portas nao registradas
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# Bloqueia acessos de fora da rede local antes de passar pela autenticacao:
acl redelocal src 192.168.1.0/24
http_access deny !redelocal
## ip da rede que sera bloqueados
acl ips.bloqueados src "/etc/squid/acls/bad.ips"
## Definicao de ACLs ##
acl links.proibidos url_regex -i "/etc/squid/acls/bad.links"
acl palavras.proibidas urlpath_regex -i "/etc/squid/acls/bad.words"
acl sites.proibidos dstdomain -i "/etc/squid/acls/bad.sites"
acl links.especiais urlpath_regex -i "/etc/squid/acls/specials.links"
acl empresa dstdomain -i "/etc/squid/acls/empresa"
acl links.liberados urlpath_regex -i "/etc/squid/acls/good.links"
acl sites.liberados dstdomain -i "/etc/squid/acls/good.sites"
## Grupos de Usuarios
acl restrito proxy_auth "/etc/squid/acls/usuario.restrito"
acl normal proxy_auth "/etc/squid/acls/usuario.normal"
acl super proxy_auth "/etc/squid/acls/usuario.super"
acl livre proxy_auth "/etc/squid/acls/usuario.livre"
acl admin proxy_auth "/etc/squid/acls/usuario.admin"
## Horarios ***Estas s as que eu tenho mais didas**
acl manha time M T W H F A 07:30-11:30
acl almoco time MTWHFA 14:31-18:00
acl tarde time M T W H F A 13:31-18:30
acl extra time M T W H F A 18:31-22:00
acl dia time 05:30-23:30
acl comercial time SMTWHFA 05:30-23:30
## Bloqueios Gerais
http_access deny links.proibidos super
http_access deny palavras.proibidas super
http_access deny sites.proibidos super
## Acessi liberado para usuio Livre
http_access allow livre
## libera para super, admin e normal
http_access allow dia sites.liberados super
http_access allow dia links.especiais super
http_access allow dia links.liberados super
http_access allow manha sites.liberados admin
http_access allow tarde sites.liberados admin
http_access allow almoco sites.liberados admin
http_access allow extra sites.liberados admin
http_access allow manha links.liberados admin
http_access allow tarde links.liberados admin
http_access allow almoco links.liberados admin
http_access allow extra links.liberados admin
http_access allow comercial sites.liberados normal
http_access allow comercial links.liberados normal
http_access allow dia !links.proibidos !sites.proibidos !palavras.proibidas super
http_access allow almoco !links.proibidos !sites.proibidos !palavras.proibidas admin
http_access allow extra !links.proibidos !sites.proibidos !palavras.proibidas admin
## ACLs de acesso a horarios definidos, exemplo: Almoco, para almoco e gdh:
##acl permitidos proxy_auth gdh almoco
##acl almoco time 12:00-13:30
##http_access allow permitidos
##http_access allow autenticados almoco
http_access deny autenticados
visible_hostname Intranet
coredump_dir /var/spool/squid
http_port 3128
cache_access_log /var/log/squid/access.log
