Segue o squid.conf Obrigado por qualquer ajuda...
http_port 3128 icp_port 3130 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 150 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 9216 KB ipcache_size 1024 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 cache_replacement_policy lru memory_replacement_policy lru cache_dir ufs /var/spool/squid 250 16 100 cache_access_log /var/log/squid/access.log cache_store_log none # As linhas abaixo se referem a autenticação de usuários no AD auth_param basic program /usr/local/squid/libexec/squid_ldap_auth -R -b "dc=dominio,dc=local" -D "cn=proxy_user,ou=Internet,dc=dominio,dc=local" -w "senha" -f sAMAccountName=%s -h 192.168.200.2 auth_param basic realm Este acesso será registrado Digite sua chave e senha auth_param basic children 5 auth_param basic credentialsttl 15 minutes acl ntlm_users proxy_auth REQUIRED emulate_httpd_log on mime_table /usr/local/squid/etc/mime.conf pid_filename /usr/local/squid/var/logs/squid.pid ftp_user [email protected] ftp_passive on unlinkd_program /usr/local/squid/libexec/unlinkd # ACL externa para autenticação nas bases LDAP do PDC external_acl_type NT_global_group %LOGIN /usr/local/squid/libexec/squid_ldap_group -R -b "dc=dominio,dc=local" -D "cn=proxy_user,ou=Internet,dc=dominio,dc=local" -w "senha" -f "(&(objectclass=person)(sAMAccountName=%v)(memberof=cn=%a,ou=Internet,dc=selbetti,dc=local))" -h 192.168.200.2 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 81 # Dominio Suporte acl SSL_ports port 8333 acl SSL_ports port 443 # https acl Safe_ports port 80 # http acl Safe_ports port 8333 # VMWare acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 8181 # Publicacao acl Safe_ports port 10000 # Webmin acl Safe_ports port 81 # VMWare acl CONNECT method CONNECT ############################################################ # # Regras Selbetti # ############################################################ acl sslsites url_regex [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ http_access deny SSL_ports sslsites acl SITES_BLOQUEADOS url_regex -i "/etc/squid/acls/sites_bloqueados.txt" acl SITES_LIBERADOS url_regex -i "/etc/squid/acls/sites_liberados.txt" acl IPS_LIBERADOS src "/etc/squid/acls/ips_liberados.txt" acl IPS_BLOQUEADOS src "/etc/squid/acls/ips_bloqueados.txt" acl PORN url_regex -i "/etc/squid/acls/porn.txt" acl ORKUT url_regex -i "/etc/squid/acls/orkut.txt" acl NOPORN url_regex -i "/etc/squid/acls/noporn.txt" acl downloads url_regex -i .asf .mpeg .wav .mp3 .wma acl LAN src 192.168.200.0/24 acl FUNTIME-1 time MTWHF 11:30-13:30 acl FUNTIME-2 time MTWHF 17:45-19:00 acl FUNTIME-3 time MTWHF 06:00-07:30 acl FUNTIME url_regex -i "/etc/squid/acls/funtime.txt" acl msn.1 dstdomain loginnet.passport.com acl msn.2 dstdomain webmessenger.msn.com acl msn.3 url_regex -i gateway.dll acl msn.4 req_mime_type -i ^application/x-msn-messenger$ acl msn.5 url_regex -i "/etc/squid/acls/msn.txt" acl webmail_liberado url_regex -i "/etc/squid/acls/webmail_liberados.txt" acl bb browser C:\BancoBrasil\officeIE\index.html acl bb1 url_regex -i "/etc/squid/acls/bb.txt" acl Safe_ports port 10082 # DBMessenger acl Safe_ports port 9082 acl CAIXA url_regex -i "/etc/squid/acls/caixa.txt" acl WINDOWS_UPDATE url_regex -i "/etc/squid/acls/windows_update.txt" acl selbetti url_regex -i "/etc/squid/acls/selbetti.txt" acl Desenvolvimento_Bloqueado url_regex -i "/etc/squid/acls/sites_desenvolvimento.txt" acl Consultores_Bloqueado url_regex -i "/etc/squid/acls/sites_consultores.txt" acl GTALK url_regex -i "/etc/squid/acls/gtalk.txt" acl Sites_Internet_nivel1 url_regex -i "/etc/squid/acls/internetnivel1.txt" acl Sites_Internet_nivel2 url_regex -i "/etc/squid/acls/internetnivel2.txt" acl Sites_Internet_nivel3 url_regex -i "/etc/squid/acls/internetnivel3.txt" # Fix support.microsoft.com by removing Accept-Encoding header acl support.microsoft.com dstdomain support.microsoft.com #################################### # ACL USANDO AUTENTICACAO GRUPOS AD #################################### acl Internet_Selbetti external NT_global_group Internet_Selbetti acl Internet_Liberada external NT_global_group Internet_liberada acl Internet_Bloqueada external NT_global_group Internet_bloqueada acl MSN_Liberado external NT_global_group Msn_liberado acl MSN_Bloqueado external NT_global_group Msn_bloqueado acl Desenvolvimento external NT_global_group desenvolvimento acl Consultores external NT_global_group Consultor acl Internet_Nivel1 external NT_global_group Nivel1 acl Internet_Nivel2 external NT_global_group Nivel2 acl Internet_Nivel3 external NT_global_group Nivel3 ########################################################### # # BLOQUEIO DO SQUID ########################################################### ##################### ## Sites liberados para todo o dominio selbetti http_access allow all selbetti ## Bloqueios Padrao do Squid http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow SSL_ports ## Windows Update http_access allow WINDOWS_UPDATE ## Sites Liberados http_access allow all SITES_LIBERADOS ## MSN http_access allow MSN_Liberado ## Gtalk http_access deny GTALK ## Banco do Brasil http_access allow bb bb1 ## Pornografia http_access deny PORN !NOPORN ## Funtime http_access allow FUNTIME-1 !PORN !ORKUT !FUNTIME http_access allow FUNTIME-2 !PORN !ORKUT !FUNTIME http_access allow FUNTIME-3 !PORN !ORKUT !FUNTIME ## Problema para acessar site microsoft ##header_access Accept-Encoding deny support.microsoft.com ## Internet Nivel 1 http_access allow Internet_Nivel1 Sites_Internet_nivel1 http_access deny all Internet_Nivel1 ## Internet Nivel 2 http_access allow Internet_Nivel2 Sites_Internet_nivel2 http_access deny all Internet_Nivel2 ## Internet Nivel 3 http_access allow Internet_Nivel3 !Sites_Internet_nivel3 http_access deny all Internet_Nivel3 ## Orkut http_access deny ORKUT ## Caixa Economica http_access allow CAIXA http_access allow Internet_Liberada http_access allow IPS_LIBERADOS http_access deny MSN_Liberado SITES_BLOQUEADOS #http_access allow Desenvolvimento !Desenvolvimento_Bloqueado #http_access deny Desenvolvimento SITES_BLOQUEADOS #http_access allow Consultores !Consultores_Bloqueado #http_access deny Consultores SITES_BLOQUEADOS http_access deny SITES_BLOQUEADOS http_access allow webmail_liberado http_access deny Internet_Bloqueada http_access deny MSN_Bloqueado http_access deny downloads http_access deny msn.1 !MSN_Liberado http_access deny msn.2 !MSN_Liberado http_access deny msn.3 !MSN_Liberado http_access deny msn.4 !MSN_Liberado http_access deny msn.5 !MSN_Liberado http_access deny IPS_BLOQUEADOS http_access allow ntlm_users http_access allow Internet_Selbetti http_access allow LAN http_access allow localhost http_access deny all icp_access allow all cache_effective_user proxy cache_effective_group proxy visible_hostname proxy.selbetti.com.br unique_hostname proxy.selbetti.com.br append_domain .selbetti.com.br acl local-servers dstdomain selbetti.com.br always_direct allow local-servers error_directory /usr/local/squid/share/errors/Portuguese Veja quais são os assuntos do momento no Yahoo! +Buscados http://br.maisbuscados.yahoo.com
