0 votos

usuarios y contraseñas en squid no me funciona, esto es lo que tengo, soy novato empiezo en este campo

esto es lo que tengo montado y no se si esta bien navegan los usuarios pero quiero empezar a poner politicas del squid

Recommended minimum configuration:

acl all src all acl red_interna src 192.168.0.0/24 acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32

****

Creando el archivo passwd con el primer usuario CIDY de nuestro servidor squid en

el directorio /etc/squid/:

Creando el archivo claves

auth_param basic program /usr/lib/squid/ncsa_auth /squid/etc/claves

#

http_access allow hostpermitidos red_interna

chmod 600 /squid/etc/claves

chown squid:squid /squid/etc/claves

Adicionando nuevos usuarios sus nombres

htpasswd /squid/etc/claves cidy

htpasswd /squid/etc/claves david

htpasswd /etc/squid/passwd roylan (Director genearl)

htpasswd /etc/squid/passwd castillo (Director operaciones)

htpasswd /etc/squid/passwd chang (Esp. logistica)

htpasswd /etc/squid/passwd lmendes (director operaciones)

htpasswd /etc/squid/passwd darlen (Directora Rec. Humanos)

htpasswd /etc/squid/passwd yanet (Director Economica)

htpasswd /etc/squid/passwd osmany (Esp. Energia)

htpasswd /etc/squid/passwd damian (Esp. Transporte)

htpasswd /etc/squid/passwd yosvany (director UEB)

htpasswd /etc/squid/passwd rosa (directora economica UEB)

htpasswd /etc/squid/passwd dunia (Esp. Coemrecial)

htpasswd /etc/squid/passwd roylan (Dtor General)

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/claves

acl password proxy_auth REQUIRED

http_access allow hostpermitidos pass_web

*****Recommended minimum configuration:

acl all src 0.0.0.0/0

acl manager proto cache_object

acl localhost src 127.0.0.1/8

acl localnet src 192.168.0.1/24

acl password proxy_auth REQUIRED

acl red_interna src 192.168.0.1/24

http_access allow localhost

http_access allow localhost password

http_access deny all

*****Recommended minimum configuration:

acl all src 0.0.0.0/0

acl manager proto cache_object

acl localhost src 127.0.0.1/8

acl red_interna src 192.168.0.1/24

***dar acceso a los usuarios

http_access allow red_interna

http_access allow red_interna passwd

http_access deny all

http_port 8080 transparent

http_port 53 transparent

cache_mem 256 MB

cache_dir ufs /var/spool/squid 2000 16 256

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd

acl password proxy_auth REQUIRED

acl all src 0.0.0.0/0.0.0.0

http_access allow passwd

http_access allow all

*****

acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 acl SSL_ports port 563 # snews acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 563 # snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 8080 # Squids port (for icons)

acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network

acl CONNECT method CONNECT

acl red_interna src 192.168.0.0/255.255.255.0 acl PAGPORN url_regex "C:\squid\etc\porno.txt" acl PAGBLOCK url_regex "C:\squid\etc\bloqueadas.txt" acl EXTENSIONES urlpath_regex "C:\squid\etc\extensiones.txt" acl PERMITIDOS urlpath_regex "C:\squid\etc\permitidos.txt" acl PERMITIDOS_UEB urlpath_regex "C:\squid\etc\permitidos_ueb.txt" acl PERMITIDOS_EMP urlpath_regex "C:\squid\etc\permitidos_emp.txt" acl refrigerio time MTWHF 07:00-24:00 acl salida time MTWHF 07:00-24:00

acl permitidos_ueb time MTWHF 07:30-14:00

acl permitidos_emp time MTWHF 12:30-18:00

acl hotmail dstdomain .hotmail.com acl passport dstdomain .passport.net acl msn dstdomain .msn.com acl hotmail_domains dstdomain .hotmail.msn.com

http_access allow red_interna

http_access allow red_interna http_access deny PAGPORN http_access deny PAGBLOCK !refrigerio !salida http_access deny extensiones http_access allow permitidos http_access allow permitidos_ueb http_access allow permitidos_emp http_access allow hotmail_domains http_access allow hotmail http_access allow passport

always_direct allow hotmail always_direct allow passport always_direct allow msn

http_access allow manager localhost http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports

http_access allow localnet

http_access red_interna http_access porno http_access bloqueadas http_access extensiones http_access permitidos http_access permitidos_ueb http_access permitidos_emp http_access marca http_access deny all

Allow ICP queries from local networks only

icp_access allow localnet icp_access deny all

TAG: http_port

http_port 8080

TAG: hierarchy_stoplist

We recommend you to use at least the following line.

hierarchy_stoplist cgi-bin ?

TAG: cache_mem (bytes)

cache_mem 512 MB

TAG: cache_dir

cache_dir ufs c:/squid/var/cache 2000 16 256

TAG: access_log

access_log c:/squid/var/logs/access.log squid

TAG: cache_log

cache_log c:/squid/var/logs/cache.log

TAG: refresh_pattern

refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320

TAG: upgrade_http0.9

acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast

TAG: broken_vary_encoding

acl apache rep_header Server ^Apache broken_vary_encoding allow apache

Leave coredumps in the first cache dir

coredump_dir c:/squid/var/cache

TAG: dns_nameservers

dns_nameservers 208.67.222.222 208.67.220.220

TAG: icon_directory

icon_directory c:/squid/share/icons

TAG: error_directory

error_directory c:/squid/share/errors/Spanish

EnMiMaquinaFunciona.com

EnMiMaquinaFunciona es una comunidad de administradores de sistemas en la que puedes resolver tus problemas y dudas.
Puedes consultar las preguntas de otros sysadmin, hacer tus propias preguntas o resolver las de los demás.

Powered by: