red_slack
(usa Slackware)
Enviado em 18/06/2010 - 22:38h
Obrigado pela dica, já tenho 03 das 04 situações resolvidas (1, 2 e 3) só me resta a 4ª a do msn, meu squid ficou assim:
####################################################################
### ###
### AILTON FERNANDES FARIAS ###
### ###
####################################################################
http_port 3128 transparent
visible_hostname PrefeituraMunicipal
error_directory /usr/share/squid/errors/Portuguese/
#===================================================================#
# SERVIDORES DNS E POLITICA
#===================================================================#
dns_nameservers 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220
dns_retransmit_interval 5 seconds
dns_timeout 2 minutes
#===================================================================#
# ACESSO DIRETO A DETERMINADOS SITES
#===================================================================#
acl directd dstdomain url_regex -i "/etc/squid/nocache.lst"
acl directd dstdomain .siteacessodireto.net
always_direct allow directd
cache deny directd
refresh_pattern -i \.jpg$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.gif$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.png$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.jpeg$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.bmp$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.tif$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.tiff$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.swf$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.html$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.htm$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.shtml$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.shtm$ 0 20% 1440 reload-into-ims
refresh_pattern -i \.nub$ 2880 80% 21600 reload-into-ims
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 8640
refresh_pattern -i exe$ 0 50% 999999
refresh_pattern -i zip$ 0 50% 999999
#===================================================================#
# LIBERAR / BLOQUEAR / IPS / SITES
#===================================================================#
#-----SITES E IPS PARCIALMENTE BLOQUEADOS-----#
acl sites_pro_1 url_regex -i "/etc/squid/acls/bloqueados/sites_proibidos1"
acl ips_sites_proibidos src "/etc/squid/acls/bloqueados/ips_sites_proibidos"
http_access deny ips_sites_proibidos sites_pro_1
#-----IPS 100% LIBERADOS-----#
acl ipsliberados src "/etc/squid/acls/liberados/ips"
http_access allow ipsliberados
#-----IP'S 100% BLOQUEADOS----#
acl ipsbloqueados src "/etc/squid/acls/bloqueados/ips"
http_access deny ipsbloqueados
#===================================================================#
# BLOQUEAR/LIBERAR MSN
#===================================================================#
#acl ipsbloqueados url_regex -i "/etc/squid/acls/bloqueados/msn"
#acl msn url_regex -i gateway.messenger.com
#acl ipsliberados url_regex -i "/etc/squid/acls/liberados/msn"
#http_access allow ipsliberados
#http_access deny msn
#http_access deny ipsbloqueados
#===================================================================#
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl proxy src 192.168.10.0/24
http_access allow proxy
acl purge method PURGE
acl CONNECT method CONNECT
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl Safe_ports port 1863 # MSN
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access allow localhost
http_access deny all
http_reply_access allow all
#icp_access allow all
#===================================================================#
# NEGA CACHE DE ARQUIVOS ASX E ASF - STREAMING
#===================================================================#
acl asx url_regex -i \.asx$
cache deny asx
acl asf url_regex -i \.asf$
cache deny asf
#===================================================================#
# BLOQUEIO DE ARQUIVOS SUSPEITOS
#===================================================================#
acl vbs url_regex -i .*\.VBS$
http_access deny vbs
acl scr url_regex -i .*\.SCR$
http_access deny scr
acl cmd url_regex -i .*\.CMD$
http_access deny cmd
acl pif url_regex -i .*\.PIF$
http_access deny pif
#===================================================================#
# USO DA MEMORIA E DISCO PELO SQUID
#===================================================================#
cache_mem 400 MB
cache_swap_low 80
cache_swap_high 95
#===================================================================#
# TAMANHO DOS ARQUIVOS EM CACHE
#===================================================================#
maximum_object_size 300 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 32 KB
#===================================================================#
# POLITICA DE SUBSTITUIÇO DO CACHE
#===================================================================#
cache_replacement_policy heap LFUDA
memory_replacement_policy lru
ipcache_size 4096
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
max_filedescriptors 1024
cache_dir aufs /thunder 10000 16 256
cache_effective_user proxy
ftp_user anonymous@anonymous.com.br
#===================================================================#
# LOG DOS ACESSOS PELO CACHE PARA USO COM SARG
#===================================================================#
access_log /var/log/squid/access.log
acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
hosts_file /etc/hosts
coredump_dir /var/spool/squid
server_persistent_connections off
zph_mode tos
zph_local 0x30
#===================================================================#
# THUNDERCACHE 3.X - REGEX
#===================================================================#
acl thunder_lst url_regex -i "/etc/thunder/thunder.lst"
cache deny thunder_lst
cache_peer 192.168.10.250 parent 8080 0 proxy-only no-digest
dead_peer_timeout 2 seconds
cache_peer_access 192.168.10.250 allow thunder_lst
cache_peer_access 192.168.10.250 deny all
#===================================================================#
# FIM
#===================================================================#
Tem como me ajudar no item 4? Bloqueios de msn em alguns computadores. Preciso também de uma forma de amarrar o IP ao MAC, o que me sujerem???
Desde já grato