Enviado em 03/01/2017 - 16:06h
Boa tarde pessoal !# Configuracao Geral
#
#Versão Squid 3.1.4
http_port 3128 intercept
#always_direct allow all
visible_hostname Controlador_Internet
cache_mem 4096 MB
cache_dir aufs /var/spool/squid3/1/ 10240 64 256
cache_dir aufs /var/spool/squid3/2/ 10240 64 256
cache_dir aufs /var/spool/squid3/3/ 10240 64 256
cache_dir aufs /var/spool/squid3/4/ 10240 64 256
cache_dir aufs /var/spool/squid3/5/ 10240 64 256
cache_dir aufs /var/spool/squid3/6/ 10240 64 256
cache_dir aufs /var/spool/squid3/7/ 10240 64 256
cache_dir aufs /var/spool/squid3/8/ 10240 64 256
cache_dir aufs /var/spool/squid3/9/ 10240 64 256
cache_dir aufs /var/spool/squid3/10/ 10240 64 256
cache_access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log
pid_filename /var/run/squid3.pid
emulate_httpd_log on
max_filedescriptors 65535
# Mensagens de erro do Squid em Portugues
error_directory /usr/share/squid3/errors/Portuguese
# Atualizacao do Cache
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 20% 2280
refresh_pattern . 15 20% 22820
# ----------------------- Controle de bloqueios ---------------------------------------------- #
#IP's da rede local bloqueados
acl mac_negado arp "/000/mac_negado"
http_access deny mac_negado
#url que nao devem ser cacheada
acl sem_cache urlpath_regex -i "/000/sem_cache"
no_cache deny sem_cache
# Regras de liberacao de site (Sites desta lista podem ser acessado por qq grupo)
acl lista_branca url_regex -i "/000/lista_branca"
http_access allow lista_branca
# IP's da rede local liberado tudo (Enderecos Mac Address - "GOD Mode" Acessam tudo)
acl mac_liberado arp "/000/mac_liberado"
http_access allow mac_liberado
# Regras grupo 1
acl mac_setor1 arp "/000/mac_setor1"
acl site_setor1 dstdomain "/000/site_setor1"
http_access allow mac_setor1 site_setor1
# Regras grupo 2
acl mac_setor2 src "/000/mac_setor2"
acl site_setor2 dstdomain "/000/site_setor2"
http_access allow mac_setor2 site_setor2
#######################################################
# Extencoes bloqueadas
acl ext_bloqueadas urlpath_regex -i "/000/ext_bloqueadas"
http_access deny ext_bloqueadas
# Regras de bloqueio de site ***por url
acl lista_negra url_regex -i "/000/lista_negra"
http_access deny lista_negra
# Regras de bloqueio de site ***por palavras
acl palavra dstdom_regex -i "/000/palavras_negadas"
http_access deny palavra
acl streaming req_mime_type ^video/x-ms-asf
acl videomusic urlpath_regex -i \.aif$ \.aifc$ \.aiff$ \.asf$ \.asx$ \.avi$ \.au$ \.m3u$ \.med$ \.mp3$ \.m1v$ \.mp2$ \.mp2v$ \.mpa$ \.mov$ \.mpe$ \.mpg$ \.mpeg$ \.ogg$ \.pls$ \.ram$ \.ra$ \.ram$ \.snd$ \.wma$ \.wmv$ \.wvx$ \.mid$ \.midi$ \.rmi$ \.flv$
http_access deny videomusic
http_reply_access deny streaming
acl streaming req_mime_type -i "/etc/squid3/blockmime"
acl proibir_musica urlpath_regex -i \.aif$ \.aifc$ \.aiff$ \.asf$ \.asx$ \.avi$ \.au$ \.m3u$ \.med$ \.mp3$ \.m1v$ \.mp2$ \.mp2v$ \.mpa$ \.mov$ \.mpe$ \.mpg$ \.mpeg$ \.ogg$ \.pls$
acl proibir_musica2 urlpath_regex -i \.ram$ \.ra$ \.ram$ \.snd$ \.wma$ \.wmv$ \.wvx$ \.mid$ \.midi$ \.rmi$
http_access deny streaming
#################################################################################
# acl - Recomendadas
#*******************
#
#http_access deny all
acl manager proto cache_object
#acl localhost src 127.0.0.1/255.255.255.255
acl localhost src 127.0.0.1
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 25
acl SSL_ports port 110
acl SSL_ports port 873
acl SSL_ports port 444
acl SSL_ports port 447
acl SSL_ports port 563
acl SSL_ports port 7443
acl SSL_ports port 873
acl SSL_ports port 10000
acl SSL_ports port 631
acl SSL_ports port 3456
acl SSL_ports port 3328
acl SSL_ports port 95
acl SSL_ports port 587
acl SSL_ports port 993
acl SSL_ports port 465
acl SSL_ports port 5900
acl SSL_ports port 5500
acl SSL_ports port 3307
acl SSL_ports port 5800
acl SSL_ports port 3388
acl SSL_ports port 1433
acl SSL_ports port 1434
acl SSL_ports port 47
acl SSL_ports port 10001-10220
acl SSL_ports port 8010
acl SSL_ports port 5050
acl SSL_ports port 6050
acl Safe_ports port 139 445 #compartilhamento
acl Safe_ports port 3389 # acesso remoto
acl Safe_ports port 3050 # Programa dream soft
acl Safe_ports port 8080 # http
acl Safe_ports port 8090 # http
acl Safe_ports port 80 # http
acl Safe_ports port 5275 # acesso externo spark
acl Safe_ports port 5269 # acesso externo spark
acl Safe_ports port 9090 # console spark
acl Safe_ports port 9091 # console seguranca spark
acl Safe_ports port 7777 # Transferencia spark
acl Safe_ports port 5222 # acesso spark
acl Safe_ports port 5223 # acesso https sparks
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 30000 # BRADESCO
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # swat
acl Safe_ports port 1025-65535 # portas altas
acl purge method PURGE
acl CONNECT method CONNECT
# Libera para a rede local
acl redeTESTE src 192.168.100.0/24
http_access allow localhost
http_access allow redeTESTE
# Bloqueia acessos externos
http_access deny all
dns_nameservers 8.8.8.8 8.8.4.4
Compartilhando a tela do Computador no Celular via Deskreen
Como Configurar um Túnel SSH Reverso para Acessar Sua Máquina Local a Partir de uma Máquina Remota
Configuração para desligamento automatizado de Computadores em um Ambiente Comercial
Efeito "livro" em arquivos PDF
Como resolver o erro no CUPS: Unable to get list of printer drivers
Flatpak: remover runtimes não usados e pacotes
Mudar o gerenciador de login (GDM para SDDM e vice-versa) - parte 2
Dica sobre iptables ACCEPT e DROP (6)
NGNIX - Aplicar SNAT para evitar roteamento assimetrico (29)
[Python] Automação de scan de vulnerabilidades
[Python] Script para analise de superficie de ataque
[Shell Script] Novo script para redimensionar, rotacionar, converter e espelhar arquivos de imagem
[Shell Script] Iniciador de DOOM (DSDA-DOOM, Doom Retro ou Woof!)
[Shell Script] Script para adicionar bordas às imagens de uma pasta