Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- http_port 8080
- cache_dir aufs /var/cache/squid3/ 1024 16 256
- cache_mem 128 MB
- ################################
- ## Authentifizierung ueber AD ##
- ################################
- auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
- auth_param ntlm children 30
- #auth_param ntlm use_ntlm_negotiate on
- auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
- auth_param basic children 5
- auth_param basic realm Squid proxy-caching web server
- auth_param basic credentialsttl 2 hours
- ######################
- ## ACL Definitionen ##
- ######################
- # Standard
- acl manager proto cache_object
- acl localhost src 127.0.0.1/32 ::1
- acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
- # Ports
- acl SSL_ports port 443
- acl Safe_ports port 80
- acl Safe_ports port 21
- acl Safe_ports port 443
- # Netzwerke
- acl lan src 192.168.0.0/24
- acl weggensteinstr src 192.168.9.0/24
- acl kassa src 192.168.1.42/32
- #acl tbsrv5 src 192.168.0.92/32
- #acl dmc src 192.168.
- acl mesonic dst www.mesonic.com
- acl apple dst ax.init.itunes.apple.com
- acl flashplayer dst fpdownload.macromedia.com
- acl tbsrv2 src 192.168.0.1/32
- # Surfzeiten fuer Kaspareth Privat
- # Mo, Mi, Fr und Samstag von 16:00 bis 18:00
- acl denytime-tag time M W F A 16:00-18:00
- acl denytime-nacht time 21:15-24:00
- acl denytime-morgen time 00:00-06:00
- # Authentifizierung
- acl AuthUsers proxy_auth REQUIRED
- # Gruppenabfrage
- external_acl_type ad_group %LOGIN /usr/lib/squid3/wbinfo_group.pl
- acl ad_Internet external ad_group Internet
- acl ad_Office external ad_group Office
- acl ad_Privat external ad_group Privat
- acl ad_Reserviert external ad_group Reserviert
- acl ad_NoInternet external ad_group NoInternet
- # Blacklists
- #acl bl_porn dstdomain -i "/etc/squid3/blacklists/porn/domains"
- #acl bl_proxy dstdomain -i "/etc/squid3/blacklists/proxy/domains"
- #acl bl_warez dstdomain -i "/etc/squid3/blacklists/warez/domains"
- #acl bl_violence dstdomain -i "/etc/squid3/blacklists/violence/domains"
- http_access allow manager localhost
- http_access deny manager
- http_access deny !Safe_ports
- #http_access allow lan
- http_access allow weggensteinstr !denytime-nacht !denytime-morgen
- http_access allow mesonic apple flashplayer tbsrv2
- http_access allow kassa
- #http_access allow tbsrv5
- #!denytime !bl_porn !bl_proxy !bl_warez !bl_violence
- http_access deny ad_NoInternet
- http_access allow ad_Internet
- #!bl_porn !bl_proxy !bl_warez !bl_violence
- http_access allow ad_Office
- #!bl_porn !bl_proxy !bl_warez !bl_violence
- http_access allow ad_Privat
- #!bl_porn !bl_proxy !bl_warez !bl_violence
- http_access allow ad_Reserviert
- #!bl_porn !bl_proxy !bl_warez !bl_violence
- http_access allow localhost
- http_access deny all
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement