http_port 172.16.4.250:3128 transparent
visible_hostname PROXY
dead_peer_timeout 60 seconds
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
detect_broken_pconn on
pipeline_prefetch on
icon_directory /usr/share/squid/icons
error_directory /usr/share/squid/errors/Portuguese
#Cache
cache_mem 512 MB
cache_swap_low 80
cache_swap_high 85
maximum_object_size 512 MB
minimum_object_size 0 MB
maximum_object_size_in_memory 256 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
cache_dir ufs /var/spool/squid 20480 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
ipcache_size 3072
ipcache_low 90
ipcache_high 95
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
refresh_stale_hit 3 seconds
### Tempo maximo de conexão de um cliente
client_lifetime 1 day
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # https
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # httpd, snews
acl Safe_ports port 70 #gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 #portas nao registradas
acl Safe_ports port 280 #http-mgmt
acl Safe_ports port 488 # qss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # mulhhttp
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # swat
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
######### Criando as ACLS #################
#Sites que nao passam por proxy
acl site dstdomain -i "/etc/squid/confs/sitesemproxy"
always_direct allow site
# Computadores sem limite de trafego de banda
acl geral src 172.16.4.100 172.16.4.101 172.16.4.102
http_access allow geral
# PCs com acesso total
acl acesso_total src "/etc/squid/confs/acesso_total"
http_access allow acesso_total
# Sites Liberados
acl liberados dstdomain -i "/etc/squid/confs/sitesliberados"
http_access allow liberados
# Banner anuncio do msn
acl ADSAdClien url_regex ADSAdClien
http_access deny ADSAdClien
deny_info [URL]http://acservinformatica.com.br/msn.html[/URL] ADSAdClien
#Sites Bloqueados
acl bloqueados url_regex -i "/etc/squid/confs/bloqueado"
http_access deny bloqueados
# Bloqueia MSn
acl msn dstdomain loginnet.passport.com
http_access deny msn
acl msnmessenger url_regex -i gateway.dll
acl MSN1 req_mime_type -i ^application/x-msn-messenger$
http_access deny msnmessenger
http_access deny MSN1
# Web Messenger Bloqueio
acl webmsn dstdomain webmessenger.msn.com
http_access deny webmsn
#Bloqueando download de programas
acl extban url_regex -i "/etc/squid/confs/extban"
http_access deny extban
#Bloquando arquivos de musicas
acl proibir_musica urlpath_regex -i "/etc/squid/confs/bloqmusicas"
http_access deny proibir_musica
acl redelocal src 172.16.4.0/32
http_access allow localhost
http_access allow redelocal
http_access deny all