Merhaba Huzeyfe Bey
Benim squid.conf dosyam aþaðýdaki gibi ve client' leri kelime,site ve dosya bazlý yasaklamalar yaparak giriþ çýkýþlarýný yapabiliyorlar. ipfw üzerinde ise msn,yahoo,kazaa vs.. ilgili portlarý kapatýp engellemeler yapabiliyorum.
( Tabiki benim burada gruba ipfw kullandýðýmý yazmamakla hata yapmýþým.)
Dediðiniz gibi kurallarý yazdým. Ama ben sadece www.enderunix.org sitesine girmesini istediðim ve diðer sitelere girmesini istemediðim halde hepsine giriþ yapabiliyor.
Ben sadece 192.168.1.220 nolu ip nin www.enderunix.org sitesine girmesini bunun dýþýnda hiçbir web sitesine girmemesini istiyorum. ve diðer squid kurallarýmýnda çalýþmasýný istiyorum.
Biraz karmaþýk oldu galiba umarým anlatabilmiþimdir.
http_port 127.0.0.1:3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
no_cache deny QUERY
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl badkeyword url_regex "/etc/badkeyword.lst"
acl badsite dstdomain "/etc/badsite.lst"
acl badfile urlpath_regex "/etc/badfile.lst"
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl badkeyword url_regex "/etc/badkeyword.lst"
acl badsite dstdomain "/etc/badsite.lst"
acl badfile urlpath_regex "/etc/badfile.lst"
acl special_client src 192.168.1.220
acl special_url url_regex ^http://www.enderunix.org/$
acl special_url url_regex ^http://www.enderunix.org/$
http_access allow manager localhost
http_access deny manager
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny badkeyword
http_access deny badsite
http_access deny badfile
http_access deny badkeyword
http_access deny badsite
http_access deny badfile
http_access deny special_url
http_access allow special_client special_url
http_access allow all
http_reply_access allow all
icp_access allow all
Yahoo! FareChase - Search multiple travel sites in one click.
Yahoo! FareChase - Search multiple travel sites in one click.
