четверг, 4 августа 2011 г.

Linux: конфигурация редиректора SquidGuard

#
# CONFIG FILE FOR SQUIDGUARD
#

dbhome /var/lib/squidguard/BL
logdir /var/log/squid3

#
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat

time workhours
{
weekly mtwhf 08:15 - 12:30
weekly mtwhf 13:10 - 16:55
#date *-*-01 08:15 - 16:55
}

#
# REWRITE RULES:
#

rewrite mp3 {
s@.*\.mp3$@http://192.168.8.3/deny/music.mp3@r
# s@.*\.swf$@http://192.168.8.3/deny/baner.gif@r
}


# Создание списков пользователей

src ban {
iplist /etc/squid3/acl/ban
}
src server {
iplist /etc/squid3/acl/server
}
src buhgalter {
iplist /etc/squid3/acl/buhgalter
}
src users {
iplist /etc/squid3/acl/user
}
#src plus {
# iplist /etc/squid3/acl/plus
# }
src nachalnik {
iplist /etc/squid3/acl/nachalnik
}

#Подлючение баз
dest admin {
domainlist admin/domains
# expressionlist admin/exp
redirect http://proxy/deny/baner.gif
}
dest adv {
domainlist adv/domains
urllist adv/urls
redirect http://proxy/deny/baner.gif
}
dest dating {
domainlist dating/domains
urllist dating/urls
redirect http://proxy/deny/baner.gif
}
dest movies {
domainlist movies/domains
urllist movies/urls
redirect http://proxy/deny/baner.gif
}
dest socialnet {
domainlist socialnet/domains
urllist socialnet/urls
redirect http://proxy/deny/baner.gif
}
dest redirector {
domainlist redirector/domains
urllist redirector/urls
redirect http://proxy/deny/baner.gif
}
dest tracker {
domainlist tracker/domains
urllist tracker/urls
redirect http://proxy/deny/baner.gif
}
#dest spyware {
# domainlist spyware/domains
# urllist spyware/urls
# }
#dest sex {
# domainlist sex/lingerie/domains
# urllist sex/lingerie/urls
# redirect http://proxy/deny/porn.gif
# }
#dest porn {
# domainlist porn/domains
# urllist porn/urls
# redirect http://proxy/deny/porn.gif
# }
#dest movies {
# domainlist movies/domains
# urllist movies/urls
# }
#dest music {
# domainlist music/domains
# urllist music/urls
# }
dest webradio {
domainlist webradio/domains
urllist webradio/urls
redirect http://proxy/deny/baner.gif
}
dest updatesites {
domainlist updatesites/domains
urllist updatesites/urls
redirect http://proxy/deny/baner.gif
}

#Списки
acl {
ban within workhours {
pass none
# redirect http://proxy/deny/accessdenied.html
# redirect http://proxy/deny/ip.html
redirect http://proxy/deny/avtomat.html
rewrite mp3
}
# else {
# pass !adv all
# }

nachalnik within workhours {
pass !adv !redirector all
# pass none
# redirect http://proxy/deny/technikdenied.html
# redirect http://proxy/deny/btk.html
}
else {
pass !adv all
}

# plus within workhours {
# pass !admin !adv !dating !movies !redirector !webradio all
# pass none
# redirector http://proxy/deny/technikdenied.html
# redirector http://proxy/deny/btk.html
# }
# else {
# pass !adv !redirector all

buhgalter within workhours {
pass !admin !adv !dating !movies !socialnet !redirector !tracker !updatesites !webradio all
# pass none
# redirect http://proxy/deny/technikdenied.html
# redirect http://proxy/deny/btk.html
rewrite mp3
}
else {
pass !adv !redirector !tracker !updatesites !webradio all
}

users within workhours {
pass !admin !adv !dating !movies !socialnet !redirector !tracker !updatesites !webradio all
# pass none
# redirect http://proxy/deny/technikdenied.html
# redirect http://proxy/deny/btk.html
rewrite mp3
}
else {
pass !adv !redirector all
}
server within workhours {
pass !adv !dating !movies !socialnet !redirector !webradio all
}

default {
pass none
log /var/SquidGuard/default.log
}

}

Детальное описание будет в дальнейшем. Подробное описание установки и настройки squid можно прочитать в статье "Linux: настройка прозрачного прокси-сервера squid 3"
Автор: vit на 14:27
Ярлыки: , , , , ,

Комментариев нет:

Отправить комментарий

Подписаться на: Комментарии к сообщению (Atom)