squid.conf


Upload: dalmo-pereira

Post on 26-Oct-2015


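# --------------------------------------------------------------
# Squid configuration file for a transparent (intercepting) proxy
# Dalmo Pereira
# --------------------------------------------------------------
# NOTE(review): this listing was recovered from a flattened transcript. Line
# breaks were reconstructed, so confirm against the original which lines were
# commented out before using it.
# --------------------------------------------------------------
# BASIC SETTINGS
# --------------------------------------------------------------
# Port on which Squid accepts client traffic.
# NOTE(review): "transparent" puts this port in interception mode (the option
# is called "intercept" from Squid 3.1 on). Intercepted clients do not know a
# proxy is present, so Squid cannot challenge them for proxy credentials; the
# proxy_auth rules elsewhere in this file conflict with this mode.
http_port 3128 transparent
cache_mem 1024 MB
cache_dir ufs /var/cache/squid 65536 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /var/run/squid.pid
error_directory /usr/share/squid/errors/Portuguese
emulate_httpd_log on
visible_hostname Servidor
# NOTE(review): the address below was masked by the hosting page; set a real
# administrator contact here.
cache_mgr [email protected]
# New:
maximum_object_size 1024 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 256 KB
cache_swap_low 90
cache_swap_high 95
# refresh_pattern lines are checked in order and the first match is used.
# NOTE(review): the catch-all "." below matches every URL, so any
# refresh_pattern that appears later in the file is never reached.
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
# Recommended ACLs
#*******************
#
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
# NOTE(review): to_localhost is defined but no http_access rule on this page
# uses it; Squid's stock configuration pairs it with
# "http_access deny to_localhost" to shield services bound to the proxy host.
acl to_localhost dst 127.0.0.0/8
# SSL_ports lists the destination ports CONNECT tunnels may reach.
acl SSL_ports port 443 563 # https, snews
# NOTE(review): this also permits CONNECT tunnels to port 873; drop it unless
# rsync through the proxy is really required.
acl SSL_ports port 873 # rsync
# Safe_ports lists the destination ports allowed for ordinary requests.
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
# Authentication
# NOTE(review): Basic authentication sends the password merely base64-encoded
# on every request, and this listener is plain HTTP. Keep the password file
# readable only by the Squid user. A second auth_param line with a different
# helper path (/usr/lib/squid/ncsa_auth) follows later in the file; keep only
# the one that exists on the host.
auth_param basic program /usr/bin/squid/ncsa_auth /etc/squid/squid_passwd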

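acl autenticados proxy_auth REQUIRED
# NOTE(review): http_access rules are evaluated top to bottom and the first
# match decides. As the first rule in the file, this lets every authenticated
# client skip the manager, PURGE, Safe_ports and CONNECT restrictions and all
# block lists that come later. If authentication is wanted, place this rule
# after "http_access deny CONNECT !SSL_ports" and after the block lists.
# Proxy authentication also cannot be negotiated with intercepted clients
# ("http_port 3128 transparent").
http_access allow autenticados
# NOTE(review): auth_param and the "autenticados" ACL are both declared a
# second time here; the helper path differs from the earlier
# /usr/bin/squid/ncsa_auth line. Keep a single declaration.
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
acl autenticados proxy_auth REQUIRED
# Long-lived caching of Windows Update payloads. The option is spelled
# "reload-into-ims" and the maximum age is 43200 minutes; the transcript had
# split these tokens.
# NOTE(review): refresh_pattern is first-match, and the earlier
# "refresh_pattern ." catch-all precedes these lines, so they only take effect
# if moved above it.
refresh_pattern windowsupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern www.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|dll|msi) 4320 100% 43200 reload-into-ims
#
# Custom ACLs
#*********************
#
# *** Allowed ports
#
# NOTE(review): whether these four lines were active or commented out could
# not be recovered with certainty from the flattened transcript; confirm.
# Ports 3050, 23000 and 13352 are already covered by Safe_ports 1025-65535.
acl Safe_ports port 3050 # Interbase/Firebird
acl Safe_ports port 23000 # Serpro
acl Safe_ports port 13352 # SIRF
acl Safe_ports port 500 # FAP Digital
#acl Safe_ports port 110
#acl Safe_ports port 25
#
# *** Internal network (intranet)
acl intranet src 192.168.0.0/255.255.255.0
#
# Windows Update destinations
acl windowsupdate dstdomain windowsupdate.microsoft.com
acl windowsupdate dstdomain .update.microsoft.com
acl windowsupdate dstdomain download.windowsupdate.com
acl windowsupdate dstdomain redir.metaservices.microsoft.com
acl windowsupdate dstdomain images.metaservices.microsoft.com
acl windowsupdate dstdomain c.microsoft.com
acl windowsupdate dstdomain www.download.windowsupdate.com
acl windowsupdate dstdomain wustat.windows.com
acl windowsupdate dstdomain crl.microsoft.com
# CONNECT is already defined earlier in the file; repeating it is harmless.
acl CONNECT method CONNECT
acl wuCONNECT dstdomain www.update.microsoft.com
http_access allow CONNECT wuCONNECT intranet
http_access allow windowsupdate intranet
# NOTE(review): "manutencao" (maintenance) and "espertinhos" (restricted
# users) resolve to the same address, so one host is both privileged and
# restricted; confirm which was meant. Source addresses are also a weak
# identity on a shared LAN.
acl manutencao src 192.168.0.130
acl espertinhos src 192.168.0.130
# Allow downloads for the maintenance host
# NOTE(review): the ACL name "download" is declared again later in the file
# with downloads.txt. Squid merges ACL lines that share a name, so both the
# allow rule here and the later "http_access deny download" see the union of
# the two files. Use distinct names if the lists are meant to differ.
acl download url_regex -i "/etc/squid/bloqueados/downloadsok.txt"
http_access allow download manutencao
# Allow Webmail.exe and the internal FTP
# NOTE(review): these url_regex allow rules run before "deny !Safe_ports" and
# "deny CONNECT !SSL_ports", so a matching request is not port-checked.
# Unanchored url_regex patterns match anywhere in the URL; prefer dstdomain or
# anchored patterns, and put the port checks ahead of every allow rule.
acl webmail url_regex -i "/etc/squid/bloqueados/webmail.txt"
http_access allow webmail intranet
# BLOCKED SITE LIST
# NOTE(review): unlike the other lists this one has no -i, so matching is
# case-sensitive; confirm that is intended.
acl Site_Bloqueado url_regex "/etc/squid/bloqueados/block.txt"
http_access deny Site_Bloqueado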

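# Block sites for the restricted ("espertinhos") hosts
acl site_espertinho url_regex -i "/etc/squid/bloqueados/espertinho.txt"
http_access deny site_espertinho espertinhos
# Downloads
# NOTE(review): "download" is also declared earlier with downloadsok.txt; Squid
# merges both files into one ACL, so this deny covers entries of either list.
acl download url_regex -i "/etc/squid/bloqueados/downloads.txt"
http_access deny download
# Sites that are not stored in the cache (listed patterns, plus any URL
# containing "?")
# NOTE(review): "no_cache" is the legacy name of the "cache" directive;
# verify that the deployed Squid version still accepts it.
acl NOCACHE url_regex "/etc/squid/bloqueados/direto.txt" \?
no_cache deny NOCACHE
# BLOCKED WORD LIST
# NOTE(review): these two lines are read as commented out; the flattened
# transcript is ambiguous, so confirm against the original.
# acl Palavra_Bloqueada url_regex "/etc/squid/bloqueados/palavras.txt"
# http_access deny Palavra_Bloqueada
# Cache-manager, PURGE and port restrictions. The transcript had spilled the
# directive column ("http_access" six times) ahead of the six rule bodies;
# they are re-paired here in their original order.
# NOTE(review): http_access is first-match, and several allow rules appear
# earlier in the file, so these checks do not apply to requests those rules
# already accepted. Squid's stock layout places this group before any allow
# rule.
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports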

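# Allow the internal network, then deny everything else (default deny).
http_access allow intranet
http_access deny all
# Automatic cache cleanup
# reference_age 1 week
# Do not cache pages served over the SSL ports
no_cache deny SSL_ports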