vovanj7
Silver Member | Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору ####SERVER & IP # http_port 192.168.0.2:3128 visible_hostname squid.vqslocal.com # ####DENY CACHE # #no_cache deny PROTO cache_mem 0 MB maximum_object_size 0 MB maximum_object_size_in_memory 0 KB cache_dir null /tmp # mime_table /usr/local/etc/squid/mime.conf # ####LOGS cache_access_log /usr/local/squid/logs/access.log cache_log /usr/local/squid/logs/cache.log cache_store_log none #cache_store_log /usr/local/squid/var/logs/store.log # debug_options ALL,1 33,2 #### SQUID USER # cache_effective_user squid # #### AUTH Active Directory # auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 # auth_param basic program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 30 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours # # #### ACL # external_acl_type nt_group ttl=0 %LOGIN /usr/local/libexec/squid/wbinfo_group.pl acl internetsupport external nt_group internetsupport acl internetdevelopers external nt_group internetdevelopers acl internetfull external nt_group internetfull #acl VQSLOCAL proxy_auth REQUIRED # acl SSL_ports port 443 563 acl safe_ports port 80 # http acl safe_ports port 20 # ftp acl safe_ports port 21 # ftp acl safe_ports port 443 # ssl acl safe_ports port 5190 # icq acl safe_ports port 5222 # qip infium acl ICQ_port port 443 # ICQ acl ICQ_port port 5190 # ICQ acl ICQ_port port 1863 # MSN acl ICQ_port port 5222 # ICQ acl CONNECT method CONNECT acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 #cache deny all # ####ALLOW SITE FOR DEVELOPERS # acl allow_site dstdomain "/usr/local/etc/squid/allow_site.txt" # #### DENY SITE FOR SUPPORT # acl deny_site dstdomain "/usr/local/etc/squid/deny_site.txt" # #### ZAPRESCHENNIE v URL VIRAJENIYA # acl bad_url url_regex "/usr/local/etc/squid/deny_url.txt" # #### DENY DOMAIN NAMES # acl deny_domains dstdomain "/usr/local/etc/squid/deny_domains.txt" # ####DENY IP & NETWORKS # acl bad_networks dst "/usr/local/etc/squid/bad_networks.txt" # #### LIST NOT AUTORIZED USERS # ##acl not_autorized src "/usr/local/etc/squid/not_autorized.txt" # ### Time limit # acl work-time time SMTWHFA 10:00-14:00 acl unwork-time time SMTWHFA 14:00-16:00 acl wokr-time time SMTWHFA 16:00-20:00 acl unwork-time time SMTWHFA 20:00-24:00 acl unwork-time time SMTWHFA 00:00-10:00 # # ####DENY URL # http_access deny bad_url # ####DENY Networks & IP # http_access deny bad_networks # ####Deny domain names # http_access deny deny_domains # # # #### RAZRESHENIYA # # # http_access allow localhost # http_access allow internetfull # # # http_access allow internetdevelopers allow_site work-time http_access deny internetdevelopers work-time http_access allow internetdevelopers unwork-time # # # http_access deny internetsupport ICQ_port work-time http_access deny internetsupport deny_site work-time http_access allow internetsupport work-time http_access allow internetsupport unwork-time # # # # ###Deny all NAX... # http_access deny all |