Re: Bloqueio MSN +- (Quase lá)
Em Qui, 2006-03-23 às 18:03 -0300, Maxwillian Miorim escreveu:
> Crie a acl para o MSN:
>
> acl msn_mime req_mime_type -i ^application/x-msn-messenger$
>
> E use a seguinte combinação:
>
> http_access deny msn_mime !usuarios_internet
> http_access allow msn_mime usuarios_internet
>
> #usuarios_internet são os usuários do teu grupo liberados para isto,
> deve haver uma acl para tanto
>
> Assim apenas quem é autorizado usa algo com o mime-type do MSN
> (Messenger, WIndows Messenger, Gaim, Kopete, aMSN e etc.)
>
Porém com um erro que eu nunca tinha visto...
GRSS003:~# squid -k reconfigure
2006/03/24 13:49:38| ACL name 'msn-mime' not defined!
FATAL: Bungled squid.conf line 51: http_access allow msn-mime ProxyUsers
Squid Cache (Version 2.5.STABLE12): Terminated abnormally.
Segue squid.conf:
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
redirect_program /sbin/redirector ads audio-video blocked hacking jogos
porn proxy
auth_param ntlm program /bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm use_ntlm_negotiate off
auth_param ntlm children 10
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 5 minutes
auth_param basic program /bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Proxy GUARAPLY
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
external_acl_type NT_global_group children=10 %
LOGIN /usr/local/squid/libexec/wbinfo_group.pl
acl ProxyUsers external NT_global_group GRS_NET
http_access allow ProxyUsers
acl msn_mime req_mime_type -i ^application/x-msn-messenger$
http_access deny msn_mime !ProxyUsers
http_access allow msn-mime ProxyUsers
acl day time MTWHF 11:30-13:00
acl ProxyUsersMeioDia external NT_global_group GRS_NETD
http_access allow ProxyUsersMeioDia day
http_access deny all
http_reply_access allow all
--
...
[]'s
_ Eder Gobbi - "Woody"
^-) MSN - gobbix at gmail dot com
( . . _ GoogleTalk - gobbix at gmail dot com
\ `\\ Jabber - gobbix at jabber dot com
|> Linux User - #385577 - http://counter.li.org
______/|______ UIN - 161655702
"Livre? É... Eu sou!!!"
"Se você pensa que pode, ou se pensa que não pode, de qualquer forma
você está certo!" (Henry Ford)
Reply to: