rafaelbarth
(usa Ubuntu)
Enviado em 19/11/2013 - 16:42h
Olá pessoal
Estou me aventurando no linux e não saio mais com certeza.
Estou com um dilema e não encontrei solução.
Segue o caso:
Tenho uma rede com 70 hosts e preciso bloquear o acesso de um host específico a determinados sites, em dias da semana e horários definidos. Exemplo:
IP 192.168.1.13
time MTWHF
horário 08:00-12:00 e 13:30-17:30
site bloqueado: orkut e facebook
Segue meu squid.conf:
# squid.conf for an intercepting proxy on 192.168.1.0/24: cache tuning, ACL
# definitions, then the ordered http_access rule list.
# Directives are unchanged below; only review comments were added. http_access
# rules are evaluated top to bottom and the first matching rule decides.
#
# Recommended minimum configuration:
#
# NOTE(review): "intercept" means this port handles traffic redirected to it by
# the firewall. Nothing in this file configures HTTPS handling (no https_port or
# ssl-bump), so url_regex lists presumably only see plain-HTTP requests; sites
# reached over HTTPS would not be matched here. Confirm against the firewall rules.
http_port 3128 intercept
visible_hostname Servidor
hierarchy_stoplist cgi-bin ?
error_directory /usr/share/squid/errors/pt-br
acl QUERY urlpath_regex cgi-bin \?
cache_mem 3096 MB
#____________System tuning_________________
maximum_object_size 512 MB
maximum_object_size_in_memory 50096 KB
minimum_object_size 0 KB
cache_swap_low 85
cache_swap_high 97
#cache_replacement_policy heap L
cache_effective_user squid
cache_effective_group squid
cache_log /var/log/squid/cache.log
cache_swap_log /var/log/squid/swap.log
cache_access_log /var/log/squid/access.log
cache_dir aufs /var/spool/squid/ 204800 32 256
#cache_dir diskd /home/cache01 204800 64 512 Q1=64 Q2=64
refresh_pattern ^http:// 30 40% 20160
refresh_pattern ^ftp:// 15 20% 10000
refresh_pattern ^gopher:// 15 0% 10000
refresh_pattern . 1440 100% 1440
refresh_pattern -i exe$ 0 50% 100000
refresh_pattern -i zip$ 0 50% 100000
refresh_pattern -i flv$ 0 50% 100000
refresh_pattern -i swf$ 0 50% 100000
refresh_pattern -i cab$ 0 50% 100000
refresh_pattern -i rar$ 0 50% 100000
#_______________Regular ACLs________________________
acl localnet src 192.168.1.0/24
# Block lists are read from external files; their contents are not shown here.
acl sites url_regex -i "/etc/squid/sitesbloqueados"
acl downloads url_regex -i "/etc/squid/downloadsbloqueados"
#acl tecnico src 192.168.1.40/32
acl contabil1 src 192.168.1.15/32
acl contabil2 src 192.168.1.18/32
acl teste src 192.168.1.217/32
acl teste1 src 192.168.1.30/32
acl informatica src 192.168.1.4/32
# NOTE(review): teste_bloqueio is defined but never referenced by any
# http_access rule below, so the time-based denies are not tied to this host.
# The accompanying post names 192.168.1.13 as the host to restrict, not .40 --
# confirm which address is intended.
acl teste_bloqueio src 192.168.1.40/32
# Time windows: M T W H F = Monday to Friday, afternoon and morning shifts.
acl time_teste_bloqueio time MTWHF 13:30-17:30
acl time_teste_bloqueio1 time MTWHF 08:00-12:00
acl youtube_bloqueado url_regex -i "/etc/squid/youtube"
# NOTE(review): dstdomain without a leading dot matches only the exact host
# "yahoo.com"; subdomains would need ".yahoo.com" -- confirm intent.
acl mailyahoo dstdomain yahoo.com
# NOTE(review): wifi is only used by the commented-out delay_access line; no
# http_access rule allows it, so 192.168.10.x clients fall through to "deny all"
# (except for the mailyahoo rule, which has no source restriction).
acl wifi src 192.168.10.2-192.168.10.250
#delay_pools 3
#delay_class 1 3
#delay_parameters 1 1000000/1000000 1000000/1000000 1000000/1000000
#delay_access 1 allow tecnico
#delay_class 2 3
#delay_parameters 2 80620/80620 80620/80620 80620/80620
#delay_access 2 allow wifi
#delay_class 3 3
#delay_parameters 3 200400/200400 200400/200400 200400/200400
#delay_access 3 allow localnet
acl manager proto cache_object
# NOTE(review): "localhost" is bound to the LAN address 192.168.1.1 here, not
# to the loopback address. Every rule below that trusts "localhost" therefore
# trusts that LAN address. Newer Squid releases predefine manager and
# localhost -- confirm for the installed version.
acl localhost src 192.168.1.1/32
# NOTE(review): port 443 is not in SSL_ports; 4433 may be a typo for 443 --
# confirm. As written, "deny CONNECT !SSL_ports" would refuse CONNECT to 443
# for any request that reaches it.
acl SSL_ports port 4433
acl SSL_ports port 873
# NOTE(review): Safe_ports includes mail ports 110 and 25. Permitting proxied
# requests to port 25 is a common path for mail abuse through a proxy; remove
# them unless there is a concrete need.
acl Safe_ports port 110
acl Safe_ports port 25
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 631
acl Safe_ports port 873
acl Safe_ports port 901
acl purge method PURGE
acl CONNECT method CONNECT
no_cache deny QUERY
#_________________________ACL application (http_access rules)______________
http_access allow manager localhost
#http_access allow tecnico
# These two hosts are allowed unconditionally: they bypass the site, download
# and time-based blocks as well as the Safe_ports / CONNECT checks further down.
http_access allow contabil1
http_access allow contabil2
# NOTE(review): no source ACL on this rule -- any client able to reach the
# proxy may use it for this destination, not only localnet.
http_access allow mailyahoo
#http_access allow informatica
#http_access allow teste
#http_access allow teste1
# NOTE(review): these two denies combine only a time window and a URL list.
# ACLs on one http_access line are ANDed, and no src ACL is listed, so the
# block applies to every client not already allowed above. To limit it to one
# host, the host's src ACL must be on the same line, e.g.
#   http_access deny teste_bloqueio time_teste_bloqueio youtube_bloqueado
# The URL list used is /etc/squid/youtube; whether it contains the orkut and
# facebook patterns the post asks for cannot be seen from this file.
http_access deny time_teste_bloqueio1 youtube_bloqueado
http_access deny time_teste_bloqueio youtube_bloqueado
# Unconditional denies: apply at all times to all remaining clients.
http_access deny sites
http_access deny downloads
# NOTE(review): this allow matches every remaining localnet request, so the
# rules after it (deny manager, deny !Safe_ports, deny CONNECT !SSL_ports,
# deny purge) are never evaluated for localnet clients. As ordered, localnet
# requests for cache_object URLs, the PURGE method, or ports outside
# Safe_ports are accepted here. Those deny rules need to come before this line
# to take effect. The "!downloads !sites" terms are redundant: matching
# requests were already denied by the two rules above.
http_access allow localnet !downloads !sites
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow purge localhost
http_access deny purge
http_access allow localhost
# Default: anything not matched above is refused.
http_access deny all
#___________________________END_________________________