cleberantonio
(usa CentOS)
Enviado em 25/01/2012 - 22:23h
Pessoal estou tentando fazer um proxy autenticado onde um usuario tenha acesso total e outro não já pesquisei no site em todo lugar,enfim não sei onde está meu erro por isso peço sugestões para o conf.
auth_param basic program /usr/sbin/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm CONTROLE DE INTERNET ENTRE COM USUARIO E SENHA
auth_param basic casesensitive off
#CONFIGURACAO DO SQUID DA ASSEMP COM PROXY AUTENTICADO
#Porta default do proxy
http_port 3128
#O nome do servidor
visible_hostname server
#CACHE DE MEMORIA
cache_mem 300 MB
maximum_object_size_in_memory 100 MB
#CACHE DE DISCO PEQUENO DEVIDO A FREQUENCIA COM QUE OS SOFTS DO GOVERNO SAO ATUALIZADOS
maximum_object_size 2 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/cache/squid 2048 16 256
cache_access_log /var/log/squid/access.log
refresh_pattern ^ftp: 15 20 2280
refresh_pattern ^gopher: 15 0 2280
refresh_pattern . 15 20 2280
#Regras de acesso para rede local
#http
#ftp
#gopher
#wais
#http-mgmt
#gss-http
#filemaker
#multiling http
#swat
#ftplocal
#https e news
#portas altas
acl autenticados proxy_auth REQUIRED
http_access allow autenticados
acl adm proxy_auth "/etc/squid/grupo/adm
http_access allow adm
acl control proxy_auth "/etc/squid/grupo/controlados"
acl bloqueados url_regex -i "/etc/squid/regras/bloqueados.txt"
http_access deny bloqueados
acl redelocal src 192.168.0.1/24 #REDE LOCAL
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 25
acl Safe_ports port 110
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 901
acl Safe_ports port 2121
acl Safe_ports port 443 563
acl Safe_ports port 1025-65535
acl purge method PURGE
acl CONNECT method CONNECT
#acl controlados proxy_auth "/etc/squid/grupo/controlados"
#acl bloqueados url_regex -i "/etc/squid/regras/bloqueados.txt"
#http_access deny bloqueados
#http_access allow controlados !bloqueados
#ARQUIVO COM OS LOGS DO SQUID
access_log /var/log/squid/access.log
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
##CACHE DO WINDOWS UPDATE
refresh_pattern windowsupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern
www.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|dll|msi) 4320 100% 43200 reload-into-ims
#http_access allow liberados
#http_access allow ipsok
#http_access allow siteok
#http_access deny bloqueados
http_access allow redelocal
http_access allow localhost
http_access deny all
#Mensagens de erro
error_directory /usr/share/squid/errors/Portuguese
#CACHE DO SQUID
cache_log /var/log/squid/cache.log
cache_mgr INTERNET_CONTROL
cache_replacement_policy lru
cache_store_log /var/log/squid/store.log
client_lifetime 1 day
connect_timeout 2 minutes
emulate_httpd_log off
ftp_passive on
memory_replacement_policy lru
##DEFINICAO DOS SERVIDOR DNS
dns_nameservers 208.67.220.220
dns_nameservers 208.67.200.200