Cisco1720 router --> 4 windows based servers 1 centos virtual server 1 centos squid server.
Client computers (8)
Would like to have all web traffic blocked except websites defined in a allowed_sites.squid config file.
My squid.conf file
Should my squid server have 2 network cards or can I leave it with the one ?
+++++++
[root_at_VIRT1 ~]# cat /etc/squid/squid.conf | sed '/ *#/d; /^ *$/d'
http_port 192.168.31.3:3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_dir ufs /var/spool/squid 1000 16 256
access_log /var/log/squid/access.log squid
dns_nameservers 192.168.31.11
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
acl good_url dstdomain "/etc/squid/allowed_sites.squid"
acl pnc_network src 192.168.31.0/255.255.255.0
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow good_url
http_access deny pnc_network
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
visible_hostname VIRT1
coredump_dir /var/spool/squid
++++++++
client's cannot access anything.
Any help would be appreciated
Jim
Received on Mon Feb 23 2009 - 16:25:51 MST
This archive was generated by hypermail 2.2.0 : Tue Feb 24 2009 - 12:00:01 MST