Squid2.5
|
Contents |
[edit]
Squid version 2.5 (iSAKv1)
Each user must have an Ident server running. When Squid receives a web request, it will ask the Ident server who is currently logged in. Once the user is identified, Squid sends the web request to SquidGuard. Based on the username and the filtering rules, SquidGuard will accept or redirect the request to an explanation page.
[edit]
Squid configuration
[edit]
File /etc/squid/squid.conf
######################################################### # File: /etc/squid/squid.conf # # Squid version 2.5 # # # # iSAK v1.0 - http://isak.gplindustries.com # ######################################################### # General Configuration visible_hostname proxy.domain.tld cache_mgr root@domain.tld http_port 3128 # Cache and logs cache_dir ufs /var/spool/squid 100 16 256 coredump_dir /var/spool/squid error_directory /usr/share/squid/errors/French log_fqdn off # Don't cache URLs hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY # Refresh pattern refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 # Access lists acl all src 0.0.0.0/0.0.0.0 acl idents ident REQUIRED acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl CONNECT method CONNECT # Redirection software redirect_program /usr/bin/squidGuard redirect_children 20 redirector_bypass off redirect_rewrites_host_header on # Access rules http_access allow manager localhost to_localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow idents http_access deny all http_reply_access allow all icp_access allow all # EOF
[edit]
Squid Administration
Squid administration is done by Webmin interface.
www.savoirfairelinux.com