http_port 8080cache_dir aufs /var/cache/squid3/ 1024 16 256cache_mem 128 M

1. http_port 8080
2.  
3. cache_dir aufs /var/cache/squid3/ 1024 16 256
4. cache_mem 128 MB
5.  
6. ################################
7. ## Authentifizierung ueber AD ##
8. ################################
9. auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
10. auth_param ntlm children 30
11. #auth_param ntlm use_ntlm_negotiate on
12.  
13. auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
14. auth_param basic children 5
15. auth_param basic realm Squid proxy-caching web server
16. auth_param basic credentialsttl 2 hours
17.  
18. ######################
19. ## ACL Definitionen ##
20. ######################
21.  
22. # Standard
23. acl manager proto cache_object
24. acl localhost src 127.0.0.1/32 ::1
25. acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
26.  
27. # Ports
28. acl SSL_ports port 443
29. acl Safe_ports port 80
30. acl Safe_ports port 21
31. acl Safe_ports port 443
32.  
33. # Netzwerke
34. acl lan src 192.168.0.0/24
35. acl weggensteinstr src 192.168.9.0/24
36. acl kassa src 192.168.1.42/32
37. #acl tbsrv5 src 192.168.0.92/32
38. #acl dmc src 192.168.
39.  
40. acl mesonic dst www.mesonic.com
41. acl apple dst ax.init.itunes.apple.com
42. acl flashplayer dst fpdownload.macromedia.com
43. acl tbsrv2 src 192.168.0.1/32
44.  
45. # Surfzeiten fuer Kaspareth Privat
46. # Mo, Mi, Fr und Samstag von 16:00 bis 18:00
47. acl denytime-tag time M W F A 16:00-18:00
48.  
49. acl denytime-nacht time 21:15-24:00
50. acl denytime-morgen time 00:00-06:00
51. # Authentifizierung
52. acl AuthUsers proxy_auth REQUIRED
53. # Gruppenabfrage
54. external_acl_type ad_group %LOGIN /usr/lib/squid3/wbinfo_group.pl
55. acl ad_Internet external ad_group Internet
56. acl ad_Office external ad_group Office
57. acl ad_Privat external ad_group Privat
58. acl ad_Reserviert external ad_group Reserviert
59. acl ad_NoInternet external ad_group NoInternet
60.  
61. # Blacklists
62. #acl bl_porn dstdomain -i "/etc/squid3/blacklists/porn/domains"
63. #acl bl_proxy dstdomain -i "/etc/squid3/blacklists/proxy/domains"
64. #acl bl_warez dstdomain -i "/etc/squid3/blacklists/warez/domains"
65. #acl bl_violence dstdomain -i "/etc/squid3/blacklists/violence/domains"
66.  
67. http_access allow manager localhost
68. http_access deny manager
69.  
70. http_access deny !Safe_ports
71.  
72. #http_access allow lan
73.  
74. http_access allow weggensteinstr !denytime-nacht !denytime-morgen
75. http_access allow mesonic apple flashplayer tbsrv2
76. http_access allow kassa
77. #http_access allow tbsrv5
78. #!denytime !bl_porn !bl_proxy !bl_warez !bl_violence
79. http_access deny ad_NoInternet
80. http_access allow ad_Internet
81. #!bl_porn !bl_proxy !bl_warez !bl_violence
82. http_access allow ad_Office
83. #!bl_porn !bl_proxy !bl_warez !bl_violence
84. http_access allow ad_Privat
85. #!bl_porn !bl_proxy !bl_warez !bl_violence
86. http_access allow ad_Reserviert
87. #!bl_porn !bl_proxy !bl_warez !bl_violence
88. http_access allow localhost
89.  
90. http_access deny all