我有鱿鱼的问题。我想阻止访问www到选定人员的可能性,原则是我定义允许域并阻止所有其他域。我无法处理这种配置。到目前为止,我所做的是一个带有身份验证的工作代理。
你能帮我解决一下我的问题吗?
此致
acl lan src 192.168.1.0/24
# It does not work
acl TimeWorkUser1 time M T W H F A 7:00-15:00
acl User1 src 192.168.1.100
acl GoodSites dstdomain "/etc/squid/users/GoodSites.cfg"
# end
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl CONNECT method CONNECT
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic credentialsttl 8 hours
auth_param basic realm Proxy: Wymagana autoryzacja
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
# It does not work
http_access deny User1 !GoodSites
http_access allow TimeWorkUser1
# end
http_access allow localhost
http_access allow lan
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
# cat /etc/squid/users/GoodSites.cfg
www.somedomain.com
somedomain.com