squid (squid.conf)
Conf do squid bastante simples e funcional
Categoria: Segurança
Software: squid
[ Hits: 8.267 ]
Por: Bruno Salmito Filizola de Faria
Conf com bloqueio de palavras chaves, bloqueio de download por extensão de arquivos, bloqueio e liberação de sites e domínios e proxy transparente.
http_port 0.0.0.0:8080 #Ip do servidor proxy / porta utilizada hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY ftp_user Squid@ ftp_passive on hosts_file /etc/hosts refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl manager proto cache_object acl SSL_ports port 443 563 acl SSL_ports port 873 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl Safe_ports port 631 acl Safe_ports port 873 acl Safe_ports port 901 acl Safe_ports port 1338 #Millenium Worm acl Safe_ports port 6776 #Sub 7 acl purge method PURGE acl CONNECT method CONNECT ######################### cache_dir ufs /var/spool/squid 1024 16 256 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl rede src 0.0.0.0/0.0.0.0 #Rede linterna acl Safe_ports port 8080 acl CONNECT method CONNECT acl liberadominio dstdomain "/etc/squid/Regras/regras_acesso" #Coloque aqui os sites a serem liberados acl acesso url_regex -i "/etc/squid/Regras/acesso" #Coloque aqui os sites bloqueados ######################### acl bloq_extensao url_regex "/etc/squid/Regras/extensao" #Coloque aqui estensões a serem bloqueadas ######################### acl palavra url_regex -i "/etc/squid/Regras/regras_palavras" #Coloque aqui as palavras chaves a serem bloqueadas acl palavra url_regex -i "/etc/squid/Regras/palavras" # Esta regra bloqueia todas as palavras sem diferencias maiusculas de minusculas ######################### acl malware_block_list url_regex -i "/etc/squid/Regras/malware" ######################### ########### REGRAS ############## http_access allow rede liberadominio http_access deny all malware_block_list http_access deny all bloq_sites ######################### http_access deny all palavra ######################### http_access deny all bloq_extensao ######################### http_access allow manager localhost http_access allow rede http_access deny !Safe_ports http_access deny all ######################### cache_effective_user proxy cache_effective_group proxy visible_hostname Proxy Server ######################### deny_info ERR_ACCESS_URL bloq_sites deny_info ERR_ACCESS_MALWARE malware_block_list ######################### deny_info ERR_ACCESS_FILE palavra ######################### deny_info ERR_ACCESS_DOWN bloq_extensao ######################### error_directory /usr/share/squid/errors/Portuguese/ ######################### httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on #########################
Enviar mensagem ao usuário trabalhando com as opções do php.ini
Meu Fork do Plugin de Integração do CVS para o KDevelop
Compartilhando a tela do Computador no Celular via Deskreen
Como Configurar um Túnel SSH Reverso para Acessar Sua Máquina Local a Partir de uma Máquina Remota
Configuração para desligamento automatizado de Computadores em um Ambiente Comercial
Compartilhamento de Rede com samba em modo Público/Anônimo de forma simples, rápido e fácil
Cups: Mapear/listar todas as impressoras de outro Servidor CUPS de forma rápida e fácil
Criando uma VPC na AWS via CLI
De volta para o futuro - ou melhor, para o presente (23)
Plasma 6 com partes em inglês (0)
A area de trabalho ficou preta (6)