+ Responder ao Tópico



  1. #1
    webluc
    Visitante

    Padrão Regras de ACL no RH 9 não responde, alguém pode me ajudar?

    Meu Squid.conf..


    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    auth_param basic children 5
    auth_param basic realm Squid proxy-caching web server
    auth_param basic credentialsttl 2 hours
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern . 0 20% 4320

    #CACHE
    cache_mem 64 MB
    cache_dir ufs /usr/local/squid/cache/ 7000 16 256
    cache_dir diskd /usr/local/squid/cache/ 256 16 256 Q1=64 Q2=72
    maximum_object_size 2048 KB
    emulate_httpd_log on
    cache_mgr [email protected]


    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT

    # SECAO ACL REDE INTERNA
    acl rede_interna src 192.168.1.0/24
    http_access allow rede_interna

    # SECAO DE BLOCK
    acl pro_ip src "/usr/local/squid/block/pro_ip"
    acl pro_url url_regex "/usr/local/squid/block/pro_url"


    # SECAO HTTP_ACCESS
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localhost
    http_access deny all
    http_reply_access allow all
    http_access deny pro_ip
    http_access deny pro_url
    icp_access allow all
    coredump_dir /var/spool/squid

    httpd_accel_port 80
    httpd_accel_host virtual
    httpd_accel_with_proxy on
    httpd_accel_uses_host_header on


    ie_refresh on

  2. #2

    Padrão Regras de ACL no RH 9 não responde, alguém pode me ajudar?

    Que regras não estão funcionando? procure sempre colocar as acls que limitam alguma coisa antes da acl que libera a sua rede interna...entendeu!!!

    Qualquer coisa, posta aqui!!!

    Abraços.