Старожил
Сообщения: 180
Благодарности: 1
|
Профиль
|
Отправить PM
| Цитировать
всё по мануалу делал ну разве что в squid.conf сделал такие настройки(это тоже по ману, только другому)
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 64 MB
maximum_object_size 2000 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 1000 KB
cache_dir ufs /usr/local/squid/cache 2000 16 256
cache_access_log /usr/local/squid/logs/access.log
cache_log /usr/local/squid/logs/cache.log
cache_store_log /usr/local/squid/logs/store.log
#---------------------Метод аутентификации пользователей--------------------------
auth_param basic program /usr/local/libexec/squid/ncsa_auth /usr/local/etc/squid/ncsa.sams
auth_param basic children 5
auth_param basic realm CARLOS_proxy-server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
forwarded_for off
#-------------------------------------------------------------------------------------------------
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
#----------------------------------Описание правил для доступа в Интернет---------------------------
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
#acl localnet src 10.3.0.0/16
#########################IT########################
#acl itstep src "/usr/local/etc/squid/it.acl"
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 21 20 80 563 70 210
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 3128
acl Safe_ports port 53
#acl icq_dom dstdomain .icq.com .aol.com .qip.ru
#acl icq_addr src 64.12.0.0/255.255.0.0 205.188.0.0/255.255.0.0 195.239.111.0/255.255.255.0 195.68.160.0/255.255.255.
#http_access allow icq_dom
#http_access allow icq_addr
acl CONNECT method CONNECT
acl CONNECT method CONNECT
acl Users proxy_auth REQUIRED
#acl squidusers proxy_auth REQUIRED
acl # src 0.0.0.0/0.0.0.0
#acl Bad_User_Delay_Pools proxy_auth "/usr/local/etc/squid/Pool_BadUser"
#acl Good_User_Delay_Pools proxy_auth "/usr/local/etc/squid/Pool_GoodUser"
#acl badword url_regex -i /usr/local/etc/squid/word
#acl bad_format urlpath_regex -i \.mp3$ \.avi$ \.torrent$ \.mpeg$
#####ADMINS_NO LIMITS########
#acl student proxy_auth "/usr/local/etc/squid/acl/student"
#http_access allow admin
#http_access deny all
##########################################################
#############Преподаватели SHAG###########################
#acl teacher proxy_auth "/usr/local/etc/squid/acl/teacher"
##########################################################
############CISCO########################################
#acl cisco proxy_auth cisco #
#acl cisco_sites dstdomain "/usr/local/etc/squid/cisco_sites" #
#############################################################
#######################Администрация############################
#acl administracia proxy_auth "/usr/local/etc/squid/acl/administracia"#
#-----------------------------------------------------------------------------------------------------
#-------------------------Применение выше перечисленных правил------------------
#http_access deny badword
#http_access deny bad_format
#http_access deny cisco !cisco_sites #
http_access allow Users
#http_access allow itstep
http_access deny all
http_access deny !SSL_ports
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny #
http_access deny all
#------------------------------------------------------------------------------------------------- cache_mgr admin
mail_program mail
cache_effective_user squid
cache_effective_group squid
http_reply_access allow all
visible_hostname proxy
logfile_rotate 10
icon_directory /usr/local/etc/squid/icons
error_directory /usr/local/etc/squid/errors/Russian-koi8-r
coredump_dir /usr/local/squid/cache
|
Отправлено: 21:12, 02-03-2011
| #5
|
