jkbrandao
(usa Debian)
Enviado em 19/03/2012 - 11:39h
Bom dia amigos, estou com o seguinte problema.
* Tenho duas redes (uma para aluno e outra para administrativo) e configurei as mesmas regras de bloqueio para ambas. Porém o squid está bloqueando na Rede administrativa mais não bloqueia na rede de alunos.
Abaixo segue meu arquivo squid.conf
-----------------------------------------------------------------------
#Porta do Squid
http_port 3128 transparent
#Hostname
visible_hostname proxyserver.uneouro.edu.br
cache_mgr cpd@uneouro.edu.br
error_directory /usr/share/squid3/errors/Portuguese
#Configuracao de Cache
hierarchy_stoplist cgi-bin ?
cache_mem 32 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 100 MB
cache_dir ufs /var/spool/squid3 2048 16 256
refresh_pattern ^ftp: 360 20% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
access_log /var/log/squid3/access.log
cache_log /var/log/squid3/cache.log
#Regras
acl localhost src 127.0.0.1/32
acl RedeInterna src 192.168.10.0/24
#Rede dos alunos
acl RedeAlunos src 192.168.100.0/24
#Controle de Banda
acl Download url_regex -i .exe .mp3 .vqf .tar.gz .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav .mov .iso
delay_pools 2
# Rede Interna com Banda Ilimitada
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow Download
delay_access 1 allow RedeInterna
delay_access 1 allow localhost
# Rede Alunos Limitada a +/- 64Kbps
delay_class 2 2
delay_parameters 2 8000/8000 8000/8000
delay_access 2 allow Download
delay_access 2 allow RedeAlunos
acl manager proto cache_object
http_access allow manager localhost
http_access deny manager
acl purge method PURGE
http_access allow purge localhost
http_access deny purge
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 80 # http
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 443 # https
acl Safe_ports port 488 # gss-http
acl Safe_ports port 563 # nntps
acl Safe_ports port 591 # filemaker
acl Safe_ports port 631 # cups
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # swat
acl Safe_ports port 1025-65535 # unregistered ports
http_access deny !Safe_ports
acl connect method CONNECT
acl SSL_ports port 443 # https
acl SSL_ports port 563 # nntps
acl SSL_ports port 873 # rsync
http_access deny connect !SSL_ports
acl MaquinasLiberadas src "/etc/squid3/ipsliberados"
http_access allow MaquinasLiberadas
acl words url_regex -i "/etc/squid3/words"
http_access deny words
acl extensions urlpath_regex -i "/etc/squid3/extensions"
http_access deny extensions
http_access allow localhost
http_access allow RedeInterna
http_access allow RedeAlunos
http_access deny all
deny_info
http://189.53.73.163/deny.html extensions
deny_info
http://189.53.73.163/deny.html domains
deny_info
http://189.53.73.163/deny.html words
-----------------------------------------------------------------------