caio.thimons
(usa Ubuntu)
Enviado em 08/01/2013 - 13:09h
Boa tarde, instalei um squid aqui na empresa faz pouco tempo, porém fica pedindo autenticação do usuario todo instante, toda pagina que entro pede autenticação, porém os usuario do grupo user_free , user_chefia e user_servidor não fica desçe cheito já o restante sim, alguem me ajuda!
SQUID
http_port 3128
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
auth_param basic children 5
auth_param basic realm Digite seu usuario e senha
auth_param basic credentialsttl 4 hours
auth_param basic casesensitive off
visible_hostname Server_Proxy
cache_mgr ti@cientistas.com.br
error_directory /usr/share/squid3/errors/pt-br
hierarchy_stoplist cgi-bin ?
cache_mem 256 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 100 MB
cache_dir ufs /var/spool/squid3 2040 16 256
refresh_pattern ^ftp: 360 20% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
access_log /var/log/squid3/access.log
acl localhost src 127.0.0.1/32
acl localnet src 10.0.0.0/32
#TI
acl user_free proxy_auth "/etc/squid3/user_free"
http_access allow user_free
#gerentes e chefia
acl user_chefia proxy_auth "/etc/squid3/user_chefia"
http_access allow user_chefia
#Servidores
acl user_servidor proxy_auth "/etc/squid3/user_servidor"
http_access allow user_servidor
#Autentica
acl usuarios proxy_auth REQUIRED
#Comercial
acl user_comercial proxy_auth "/etc/squid3/user_comercial"
#Administrativo
acl user_administrativo proxy_auth "/etc/squid3/user_administrativo"
#Financeiro
acl user_financeiro proxy_auth "/etc/squid3/user_financeiro"
#usuario Download
#acl user_download proxy_auth "/etc/squid3/user_download"
#usuario especial
acl user_especial proxy_auth "/etc/squid3/user_especial"
#usuario normal
acl user_normal proxy_auth "/etc/squid3/user_normal"
#sites excessao
acl unblockedsites url_regex -i "/etc/squid3/unblock"
acl manager proto cache_object
http_access allow manager localhost
http_access deny manager
#controle de banda
delay_pools 2
#sem restricao de banda
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow user_free
delay_access 1 allow user_chefia
#restricao banda geral
delay_class 2 2
delay_parameters 2 512000/512000 512000/512000
delay_access 2 allow all
#Bloqueio MSN
acl msn url_regex -i /gateway/gateway.dll
http_access allow msn user_free
http_access allow msn user_comercial
http_access allow msn user_chefia
http_access deny msn !user_especial
acl purge method PURGE
http_access allow purge localhost
http_access deny purge
acl Safe_ports port 21 # ftp
acl Safe_ports port 22 # ftp
acl Safe_ports port 25 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 80 # http
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 443 # https
acl Safe_ports port 488 # gss-http
acl Safe_ports port 563 # mntps
acl Safe_ports port 591 # filemaker
acl Safe_ports port 631 # printers
acl Safe_ports port 633 # cups
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # swat
acl Safe_ports port 1025-65535 # unregistered ports
http_access deny !Safe_ports
acl connect method CONNECT
acl ssl_ports port 443 # https
acl ssl_ports port 563 # mntps
acl ssl_ports port 873 # rsync
http_access deny connect !SSL_ports
#url dominio bloqueados
acl domains dstdomain "/etc/squid3/domains"
http_access deny domains !unblockedsites
http_access deny domains !user_free
http_access deny domains !user_chefia
#url dominio bloqueados
acl domains2 dstdomain "/etc/squid3/domains2"
http_access deny domains2 !unblockedsites
http_access deny domains2 !user_free
http_access deny domains2 !user_chefia
http_access deny domains2 !user_especial
#palavras bloqueadas
acl words url_regex -i "/etc/squid3/words"
http_access deny words !unblockedsites
http_access deny words !user_free
http_access deny words !user_chefia
#palavras bloqueadas(facebook e Orkut)
acl words2 url_regex -i "/etc/squid3/words2"
http_access deny words2 !unblockedsites
http_access deny words2 !user_free
http_access deny words2 !user_chefia
http_access deny words2 !user_especial
#Bloqueio porta 443 https
acl https port 443
http_access allow https user_free
http_access allow https user_chefia
http_access allow https user_comercial
http_access allow https user_especial
http_access deny https !unblockedsites
http_access allow user_comercial
http_access allow user_administrativo
http_access allow user_financeiro
http_access allow user_especial
http_access allow user_normal
http_access allow localhost
http_access allow localnet
http_access allow usuarios
http_access deny all
Obrigado deis de já!