everton_thomaz
(usa Debian)
Enviado em 16/06/2015 - 13:45h
thinomar escreveu:
Seu squid.conf, pls
--
sudo make me a sandwich
Boa tarde, Thinomar
Meu squid conf,
http_port 10.10.1.220:3128
visible_hostname server-proxy.tst.local
cache_mgr suporte@tst.com.br
cache_mem 1028 MB
maximum_object_size_in_memory 128 KB
maximum_object_size 1028 MB
minimum_object_size 2 KB
cache_swap_low 90
cache_swap_high 95
cache_dir diskd /var/spool/squid3 20480 64 256 Q1=64 Q2=72
cache_log /var/log/squid3/cache.log
access_log /var/log/squid3/access.log
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
cache_swap_low 90%
cache_swap_high 95%
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10
auth_param ntlm keep_alive on
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
external_acl_type grupo_ad %LOGIN /usr/lib/squid3/wbinfo_group.pl
# Mensagens de erro do Squid em Português
error_directory /usr/share/squid/errors/Portuguese
# Localizacao do arquivo de log do Squid
cache_access_log /var/log/squid/access.log
acl grp-G_ADM external grupo_ad G_ADM
acl grp-G_DIRETORIA external grupo_ad G_DIRETORIA
acl grp-G_ATENDIMENTO external grupo_ad G_ATENDIMENTO
acl grp-G_TECNICA external grupo_ad G_TECNICA
#acl negados dstdomain -i "/etc/squid3/negados"
acl Bloqueio-ATEND dstdomain -i "/etc/squid3/Bloqueio-ATEND"
acl Bloqueio-TECNICA dstdomain -i "/etc/squid3/Bloqueio-TECNICA"
#acl liberados dstdomain -i "/etc/squid3/liberados"
http_access allow grp-G_DIRETORIA
http_access allow grp-G_ADM
http_access deny Bloqueio-ATEND
http_access allow grp-G_ATENDIMENTO
http_access deny Bloqueio-TECNICA
http_access allow grp-G_TECNICA
# Regras de bloqueio de site (por palavras)
#acl palavra url_regex -i "/etc/squid/palavras_negadas"
#http_access deny palavra
dns_nameservers 10.10.1.254
acl manager proto cache_object
acl localhost src 127.0.0.1/8
acl rede src 10.10.1.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow rede
http_access deny all
coredump_dir /var/spool/squid3