COnfiguração do Squid.Conf Desbloquear pelo ip da maquina

Iniciado por wallaceshutt, 20 de Junho de 2008, 13:13

tópico anterior - próximo tópico

wallaceshutt

Fala gelera, blz ?
to usando a configuração a seguir no meu squid.conf
quando tentar entrar em alguma coisa bloqueada ele pede login e senha, mais em vez de pedir login gostaria de bloquear por IP, ou seja criar uma lista de ip que podem ter acesso livre a tudo, como faço isso.
valeuu

################################################
##### Porta, Nome e Cache #####
################################################
#
http_port 3128
cache_peer 10.103.2.4 parent 3128 0
visible_hostname bywallace
#
cache_mem 150 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 256 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
#
################################################
##### Log #####
################################################
#
cache_access_log /var/log/squid/access.log
cache_store_log /var/log/squid/store.log
cache_log /var/squid/logs/cache.log
cache_dir ufs /var/spool/squid 20000 16 256
#
################################################
##### ACLs #####
################################################
#
acl all src 0.0.0.0/0.0.0.0
never_direct allow all
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
#acl SSL_ports port port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # swat
acl Safe_ports port 1025-65535 # portas altas
acl purge method PURGE
acl CONNECT method CONNECT
#
################################################
##### Direitos de Acessos #####
################################################
#
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
#
################################################
## USANDO NCSA_AUTH ##
################################################
#
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic realm Servidor Proxy de Internet . Entre com seu usuário e Senha.
#auth_param basic children 5
#
################################################
## AUTENTICAÇÃO ##
################################################
#
acl autenticados proxy_auth REQUIRED
#
################################################
## BLOQUEAR PALAVRAS ##
################################################
#
acl acesso_full proxy_auth "/etc/squid/acessos/acesso_full"
acl bloquear_palavras url_regex -i "/etc/squid/bloqueios/bloquear_palavras"
deny_info http://www.vivaolinux.com.br/~jpaulo_farias bloquear_palavras
#
################################################
## BLOQUEIA O MESSENGER ##
################################################
#
acl bloquear_msn dstdomain "/etc/squid/bloqueios/bloquear_msn"
acl acesso_msn proxy_auth "/etc/squid/acessos/acesso_msn"
http_access allow acesso_msn bloquear_msn
http_access deny bloquear_msn
deny_info http://www.vivaolinux.com.br/~jpaulo_farias bloquear_msn
#
################################################
## BLOQUEIA ORKUT ##
################################################
#
acl bloquear_orkut url_regex -i "/etc/squid/bloqueios/bloquear_orkut"
acl acesso_orkut proxy_auth "/etc/squid/acessos/acesso_orkut"
http_access allow acesso_orkut bloquear_orkut
http_access deny bloquear_orkut
deny_info http://www.vivaolinux.com.br/~jpaulo_farias bloquear_orkut
#
################################################
## BLOQUEIA GOOGLE TALK ##
################################################
#
acl bloquear_googletalk url_regex -i "/etc/squid/bloqueios/bloquear_googletalk"
acl acesso_googletalk proxy_auth "/etc/squid/acessos/acesso_googletalk"
http_access allow acesso_googletalk bloquear_googletalk
http_access deny bloquear_googletalk
deny_info http://www.vivaolinux.com.br/~jpaulo_farias bloquear_googletalk
#
################################################
## CONTROLE DE BANDA ##
################################################
#
acl livre proxy_auth "/etc/squid/acessos/acesso_banda"
acl block src 10.10.0.0/255.255.0.0
delay_pools 2
#
# Classe 1 - Acesso a Internet a 512k
#
delay_class 1 2
delay_parameters 1 -1/-1 69000/69000
#
# Classe 2 - Acesso a Internet a 180k
#
delay_class 2 2
delay_parameters 2 -1/-1 22500/22500
delay_access 1 allow livre
delay_access 2 allow block
#
http_access allow autenticados acesso_full
http_access allow acesso_full bloquear_palavras
http_access deny bloquear_palavras
#
acl redelocal src 10.10.0.0/255.255.0.0
http_access allow localhost
http_access allow redelocal
#
http_access deny all