![]() |
Sites sem autenticacao Debian jessie squid 3.4.8 - Versão para Impressão +- Fórum Debian (http://www.forumdebian.com.br) +-- Fórum: Debian (/forum-4.html) +--- Fórum: Redes (/forum-17.html) +--- Tópico: Sites sem autenticacao Debian jessie squid 3.4.8 (/thread-28015.html) |
Sites sem autenticacao Debian jessie squid 3.4.8 - marduk28 - 18/04/2017 00:26 Boa noite pessoal!! Estou com um problema já alguns dias para a criação de uma regra para sites sem autenticação, ja li vários exemplos de regras mais nem uma funcionou comigo no no squid 3.4.8 (Debian Jessie) , em versões anteriores do squid a acl funcionou, porem nesta versão ele libera os sites mais pede autenticação ai eu clico em cancelar na janela de autenticação o site abre normalmente, porem a tela de autenticação do proxy sempre aparece, segue abaixo o meu squid.conf. Desde já Agradeco a ajuda do fórum!!!! (proxy autenticado) ################################################ ##### Porta, Nome e Cache ##### ################################################ # http_port 3128 icp_port 3130 visible_hostname Solsta # cache_mem 64 MB maximum_object_size_in_memory 64 KB maximum_object_size 128 MB minimum_object_size 0 KB cache_swap_low 85 cache_swap_high 95 refresh_pattern ^ftp: 15 20% 2280 refresh_pattern ^gopher: 15 0% 2280 refresh_pattern . 15 20% 2280 # ################################################ ##### Log ##### ################################################ # cache_access_log /var/log/squid3/access.log cache_store_log /var/log/squid3/store.log cache_log /var/log/squid3/cache.log cache_dir ufs /var/spool/squid3 20000 16 256 # ################################################ ##### ACLs ##### ################################################ # acl all src #acl manager proto cache_object #acl localhost src 127.0.0.1/32::1 #acl SSL_ports port port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 901 # swat acl Safe_ports port 1025-65535 # portas altas acl purge method PURGE acl CONNECT method CONNECT # acl SSL_ports port 443 acl SSL_ports port 465 acl SSL_ports port 563 acl SSL_ports port 873 acl SSL_ports port 995 ################################################ ###############bypass############ acl url_livre dstdomain -i "/etc/squid3/lista/url_livre" acl http proto http acl port_80 port 80 acl port_443 port 443 acl CONNECT method CONNECT #### rules allowing non-authenticated users http_access allow http port_80 url_livre http_access allow CONNECT port_443 url_livre http_access allow url_livre always_direct allow url_livre acl disable dstdomain "/etc/squid3/lista/url_livre" cache deny disable ##############liberacao local############# http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge # ##############Sites Livres de autenticação############# ##acl sitel url_regex -i ("/etc/squid3/lista/url_livre") ##http_access allow sitel ################################################ ## USANDO NCSA_AUTH ## ################################################ # auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/passwd auth_param basic realm Santa Isabel. Entre com seu usuario e Senha. auth_param basic children 5000 # ################################################ ## AUTENTICAÇÃO ## ################################################ acl usuarios proxy_auth REQUIRED acl acesso_livre proxy_auth "/etc/squid3/lista/usr_livre" http_access allow usuarios acesso_livre # acl acesso_restrito proxy_auth "/etc/squid3/lista/usr_restrito" acl url_bloqueado url_regex -i "/etc/squid3/lista/url_bloqueado" # http_access deny url_bloqueado http_access allow acesso_restrito !url_bloqueado http_access allow CONNECT port_443 acesso_restrito !url_bloqueado # acl acesso_bloqueado proxy_auth "/etc/squid3/lista/usr_bloqueado" acl url_liberado url_regex -i "/etc/squid3/lista/url_liberado" # http_access allow url_liberado http_access deny acesso_bloqueado !url_liberado http_access allow CONNECT port_443 url_liberado http_access allow usuarios acesso_restrito http_access allow usuarios acesso_bloqueado ################################################ ## BLOQUEAR PALAVRAS ## ################################################ # acl redelocal src 192.168.20.0/24 http_access allow localhost http_access allow redelocal # error_directory /usr/share/squid3/errors/pt-br http_access deny all RE: Sites sem autenticacao Debian jessie squid 3.4.8 - Carlos Nascimento - 16/05/2017 14:00 O problema tá de lógica, vc tá liberando a rede total ou seja (acl redelocal src 192.168.20.0/24 http_access allow redelocal ) comente essas acl. Já que está bloqueando site e outros antes. Verifique após comentar faça o teste depois de comentar pode até ser que esteja certo o que vc fez.Teste. RE: Sites sem autenticacao Debian jessie squid 3.4.8 - Carlos Nascimento - 14/06/2017 14:06 (18/04/2017 00:26)marduk28 Escreveu: Boa noite pessoal!! |