鱿鱼 - 否认www。怎么样?

时间:2018-03-02 09:05:08

标签: acl squid

我有鱿鱼的问题。我想阻止访问www到选定人员的可能性,原则是我定义允许域并阻止所有其他域。我无法处理这种配置。到目前为止,我所做的是一个带有身份验证的工作代理。

你能帮我解决一下我的问题吗?

此致

acl lan src 192.168.1.0/24

# It does not work
acl TimeWorkUser1 time M T W H F A 7:00-15:00
acl User1 src 192.168.1.100
acl GoodSites dstdomain "/etc/squid/users/GoodSites.cfg"
# end

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 443         # https

acl CONNECT method CONNECT

auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic credentialsttl 8 hours
auth_param basic realm Proxy: Wymagana autoryzacja
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager

# It does not work
http_access deny User1 !GoodSites
http_access allow TimeWorkUser1
# end

http_access allow localhost
http_access allow lan    

http_access deny all

http_port 3128

coredump_dir /var/spool/squid

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log



# cat /etc/squid/users/GoodSites.cfg
www.somedomain.com
somedomain.com

0 个答案:

没有答案