
squid me pide contraseña todo el tiempo


Armando Victor Corona Ramos

May 14, 2019, 8:40:03 AM5/14/19
Saludos amigos,

Hoy les traigo otra duda. Acabo de configurar Squid 3.5.23 en Debian 9 para dar servicio de internet a 250 usuarios. Resulta que cuando configuro el navegador (Firefox) en las PC, los usuarios no pueden autenticarse, pues después de introducir las credenciales el proxy vuelve a pedirlas en un ciclo sin fin.

He revisado la lógica del fichero y me parece que está bien. ¿Pudieran ayudarme?
Les envío el fichero de configuración.
#
# +---------------------------------------------------------+
# |         3.5.23                                        |
# +---------------------------------------------------------+


# +------------------------------------------------------------------------------+
# |                                 DEFAULT                                    |
# +------------------------------------------------------------------------------+

# Basic proxy authentication checked by the NCSA helper against a password file.
# NOTE(review): the Basic scheme sends the username and password merely
# base64-encoded with every request, and the http_port further down is plain
# HTTP, so anyone able to capture traffic between the browsers and the proxy
# can read the credentials.
# NOTE(review): if the helper cannot start or cannot read /etc/squid/users
# (ownership/permissions for the account Squid runs as), every login is
# rejected and the browser simply prompts again -- check cache.log for helper
# errors and run the helper by hand to confirm.
# NOTE(review): 5 helper processes for roughly 250 users -- confirm this is
# enough under load.
auth_param basic children 5
# Text displayed in the browser's credential prompt.
auth_param basic realm CORDOVE - Internet proxy cache
# How long a validated username/password pair is reused before the helper is asked again.
auth_param basic credentialsttl 2 hours
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/users


# Recommended minimum configuration:
#
# +------------------------------------------------------------------------------+
# |                          LISTAS CONTROL DE ACCESO                            |
# +------------------------------------------------------------------------------+

#-- main port ACLs
# SSL_ports is used only by the CONNECT rule at the end of this section;
# Safe_ports is enforced much later, in the access-control rules section.
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl Safe_ports port 8080 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

# Internal client network.
acl interna src 10.24.10.0/24

# -- Direct access for the health network
# NOTE(review): http_access is first-match-wins. "allow all salud" sits above
# the CONNECT/Safe_ports denies, the content filters and every proxy_auth
# rule, and "all" matches any source address. Any client that can reach the
# proxy is therefore served .sld.cu destinations without authentication and
# without the port restrictions. If that is not intended, restrict the source
# (e.g. "interna" instead of "all") and move the rule below the port denies.
acl salud dstdomain .sld.cu
http_access allow all salud
# Requests for .sld.cu go straight to the origin instead of the parent proxy.
always_direct allow all salud

# NOTE(review): .cu also covers .sld.cu, and the same remarks apply: every
# .cu destination is allowed for any source before authentication or
# filtering. The "allow interna cuba" line can never be the deciding rule,
# because "allow all cuba" directly above it already matches the same requests.
acl cuba dstdomain .cu
http_access allow all cuba
http_access allow interna cuba

# NOTE(review): "purge" is defined here but no http_access rule in this file
# references it.
acl purge method PURGE
acl CONNECT method CONNECT

# URL filtering is delegated to squidGuard.
url_rewrite_program /usr/bin/squidGuard

#-- Deny CONNECT to other than secure SSL ports
# NOTE(review): requests already accepted by the .sld.cu/.cu allow rules above
# never reach this check.
http_access deny CONNECT !SSL_ports


# SERVERS
# NOTE(review): this grants full access, ahead of the Safe_ports check and
# without a password, based only on the source MAC address. A MAC address is
# set by the client and can be changed, so treat it as an identifier, not as
# proof of identity. An arp ACL can also only match clients on the same
# layer-2 segment as the proxy; behind a router Squid cannot see the client's
# MAC -- confirm the network layout.
acl servidores arp 60:02:92:39:fe:4e        # .1
http_access allow servidores


#-- Passwd
# Matches any request that carries valid proxy credentials.
acl Pass proxy_auth REQUIRED


# -- ACCESS CONTROL LISTS BY MAC ADDRESS
#-- MAC addresses of the PCs with internet access
# Each department's rule further down requires one of these MAC addresses in
# addition to the user's login.
# NOTE(review): arp ACLs only match when the client is on the same layer-2
# segment as the proxy. The client network is 10.24.10.0/24 while http_port
# listens on 100.10.10.254; if clients reach the proxy through a router, none
# of these ACLs will ever match -- confirm.
# NOTE(review): a MAC address can be changed by the client, so it is a weak
# second factor. This list also maps hardware addresses to roles; redact it
# before sharing the configuration.
# NOTE(review): the rules below reference mac_biblioteca and mac_terapia in
# lower case while the definitions here use mac_Biblioteca / mac_Terapia --
# verify (squid -k parse) that the names resolve as intended.

acl mac_nodo arp a0:00:00:04:c0:05    # IT department head corona PCI
acl mac_nodo arp D0:17:C2:8A:44:86    # ICT technician leo
acl mac_nodo arp D0:17:C2:96:38:99    # Network administrator tony
acl mac_nodo arp D0:17:C2:8A:44:D1    # IT security
#
acl mac_Biblioteca arp C0:7C:D1:33:A0:10
acl mac_Biblioteca arp 60:02:92:3C:68:EC
acl mac_Biblioteca arp 60:02:92:3C:69:11
acl mac_Biblioteca arp 0C:54:A5:4B:41:B3
#
acl mac_direccion arp 70:54:D2:0A:05:ED
acl mac_direccion arp 14:CC:20:04:26:0A
#
acl mac_Terapia arp 00:71:C2:19:A4:D8
#
acl mac_contabilidad arp 70:54:D2:09:FA:42    # Tamara
acl mac_contabilidad arp 70:54:d2:0a:03:88    # Energy officer
#
acl mac_rrhh arp 50:46:5D:03:AF:43
acl mac_rrhh arp 14:DD:A9:7B:89:9F    # Department head
acl mac_rrhh arp 70:54:D2:09:FB:22
#
acl mac_enfermeria arp 00:71:C2:19:A5:8C
acl mac_cirugia arp 00:71:C2:31:47:56
acl mac_facultativa arp 00:71:C2:19:A6:5A
acl mac_cardiologia arp 70:54:D2:0A:05:9D
acl mac_asistenciaMedica arp 00:21:97:2D:6F:3D
acl mac_miscelanea arp 70:54:D2:0A:06:CC
acl mac_ultrasonido arp 08:60:6E:53:CF:96
acl mac_laboratorioCl arp 70:54:D2:0A:04:6C
#
acl mac_docencia arp 70:54:D2:0A:04:E4
# NOTE(review): mac_docencia_2 is not referenced by any http_access rule in this file.
acl mac_docencia_2 arp 7C:05:07:3A:C9:E7
#
acl mac_proteccionFisica arp 00:1D:72:EC:E8:F5
acl mac_proteccionFisica arp A0:2B:B8:27:4E:FA
#
acl mac_farmacia arp 00:71:C2:31:47:64
acl mac_auditoria arp 60:02:92:3c:68:fc
acl mac_estadistica arp 60:02:92:3c:68:fd

# -- MAC - LAPTOPS
# NOTE(review): none of the three laptop ACLs below is referenced by an
# http_access rule in this file, so these machines never match an allow rule.
acl mac_docencia_delmis arp 34:97:f6:75:c2:db
acl mac_fonck arp 8C:89:A5:09:AA:78
acl mac_laptop_constanten arp 34:97:f6:cb:c2:52


# -- ACCESS CONTROL LISTS BY USER
# -- Users with internet access
# One proxy_auth ACL per department; each loads its usernames from the quoted
# file. Evaluating any of these ACLs makes Squid ask for credentials when the
# request carries none, and a user is only matched if the authenticated
# username appears in that department's file.
# NOTE(review): the list files and /etc/squid/users reveal who has access;
# keep them readable only by root and the account Squid runs as.
acl nodo proxy_auth "/etc/squid/config/usuarios/nodo"
acl asistenciaMedica proxy_auth "/etc/squid/config/usuarios/asistenciaMedica"
acl auditoria proxy_auth "/etc/squid/config/usuarios/auditoria"
acl biblioteca proxy_auth "/etc/squid/config/usuarios/biblioteca"
acl cardiologia proxy_auth "/etc/squid/config/usuarios/cardiologia"
acl cirugia proxy_auth "/etc/squid/config/usuarios/cirugia"
acl contabilidad proxy_auth "/etc/squid/config/usuarios/contabilidad"
acl direccion proxy_auth "/etc/squid/config/usuarios/direccion"
acl docencia proxy_auth "/etc/squid/config/usuarios/docencia"
acl enfermeria proxy_auth "/etc/squid/config/usuarios/enfermeria"
acl estadistica proxy_auth "/etc/squid/config/usuarios/estadistica"
acl facultativa proxy_auth "/etc/squid/config/usuarios/facultativa"
acl farmacia proxy_auth "/etc/squid/config/usuarios/farmacia"
acl laboratorioCl proxy_auth "/etc/squid/config/usuarios/laboratorioCl"
acl miscelanea proxy_auth "/etc/squid/config/usuarios/miscelanea"
acl proteccionFisica proxy_auth "/etc/squid/config/usuarios/proteccionFisica"
acl rrhh proxy_auth "/etc/squid/config/usuarios/rrhh"
acl terapia proxy_auth "/etc/squid/config/usuarios/terapia"
acl ultrasonido proxy_auth "/etc/squid/config/usuarios/ultrasonido"


# -- CONTENT FILTERING RULES --

# --  TIME CONTROL --
# Peak hours: Saturday (A) 08:00-10:00 and Monday-Friday (MTWHF) 08:00-15:00.
acl horas_pico time A 08:00-10:00
acl horas_pico time MTWHF 08:00-15:00

# --- High bandwidth consumption
# NOTE(review): altoconsumo is defined but no http_access rule in this file uses it.
acl altoconsumo dstdomain "/etc/squid/filtros/altoconsumo"

# --- Social networks
acl sociales url_regex -i "/etc/squid/filtros/sociales"

# DEFINING BAD WORDS
acl palabrasfulas url_regex -i "/etc/squid/filtros/palabrasfulas"

# --- Porn--- Anonymous proxies
# --- FILTERED BY SQUIDGUARD --
acl mal_domains dstdomain "/etc/squid/filtros/malware/domains"
acl mal_urls url_regex -i "/etc/squid/filtros/malware/urls"
#

# LIST OF INNOCENT SITES - proxyenlaces
#acl proxyEnlaces_url url_regex -i "/etc/squid/rules/restringir/inocentes.rule"
#acl proxyEnlaces_sitios url_regex -i "/etc/squid/rules/restringir/inocentes.rule"
#acl proxyEnlaces_dominios dstdomain -i "/etc/squid/rules/restringir/inocentes.rule"

# -- ALLOW INNOCENT SITES - proxyenlaces
#http_access allow proxyEnlaces_url all
#http_access allow proxyEnlaces_sitios all
#http_access allow proxyEnlaces_dominios all


# -- ACCESS-DENIED REDIRECT ADDRESS FOR SITES
# NOTE(review): "scholar" is never used in an http_access rule, and its dots
# are unescaped, so as a regex each "." matches any character.
# NOTE(review): deny_info only takes effect when a deny rule's last ACL is
# "google"; no such rule exists in this file, so the redirect never fires.
acl scholar url_regex scholar.google.com.cu
acl google dstdomain .google.com.cu
deny_info http://scholar.google.com.cu google
# NOTE(review): repeats the "allow interna cuba" rule from the ACL section and
# is never the deciding rule, because "http_access allow all cuba" there
# already accepts every .cu request.
http_access allow interna cuba

# ------ DENY RULES FOR CONTENT FILTERING ----------------- #
# NOTE(review): requests to .sld.cu/.cu destinations and requests from the
# "servidores" MAC address were already allowed earlier in the file and never
# reach these filters.
http_access deny palabrasfulas
http_access deny mal_domains
http_access deny mal_urls

# Deny Facebook (social networks) during peak hours
# NOTE(review): both rules end in a proxy_auth ACL. When a deny rule's last
# ACL is authentication-related, Squid answers with a new credential challenge
# (407) instead of an access-denied page, so a logged-in user who is blocked
# here is prompted again and again. Appending a non-auth ACL such as "all" to
# the end of the line makes Squid return a plain denial instead.
# NOTE(review): the two lines are evaluated independently, so a user must be
# in both nodo and direccion to pass -- confirm whether "either list" was
# intended.
http_access deny sociales horas_pico !nodo
http_access deny sociales horas_pico !direccion

#-- Used by SqStat
# Cache manager access is limited to the web server at 10.24.10.2.
# NOTE(review): Squid 3.2 and later also serve the cache manager over HTTP
# (/squid-internal-mgr/) and ship a built-in "manager" ACL covering both
# forms; "proto cache_object" alone may not cover the HTTP form -- confirm.
acl managers proto cache_object
acl webserver src 10.24.10.2
http_access allow managers webserver
http_access deny managers
# NOTE(review): the password protecting every cache manager action is the
# literal word "secret" and is now published with this file. Replace it with a
# strong, unique value and keep squid.conf unreadable to ordinary users.
cachemgr_passwd secret all

# +------------------------------------------------------------------------------+
# |                          REGLAS CONTROL DE ACCESO                            |
# +------------------------------------------------------------------------------+

#-- Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Per-department access. Each pair works the same way: the allow rule needs
# the authenticated user to be in the department's list AND the request to
# come from one of the department's MAC addresses; the deny rule then rejects
# everyone else who is in that list.
#
# NOTE(review): likely cause of the endless password prompt. Every "deny"
# line below ends in a proxy_auth ACL. When the last ACL of a matching deny
# rule is authentication-related, Squid replies with a fresh credential
# challenge (407) rather than an access-denied page. A user who logs in
# correctly but whose MAC ACL does not match (wrong PC, or arp ACLs not
# matching at all because clients reach the proxy through a router) therefore
# lands on the deny rule and is prompted again, indefinitely. Ending each deny
# line with a non-auth ACL (e.g. "http_access deny nodo all") returns a normal
# denial instead; also check access.log/cache.log to see which rule matched.
# NOTE(review): "Pass" (proxy_auth REQUIRED) adds nothing once a specific
# user-list ACL on the same line has already matched.
# NOTE(review): mac_biblioteca and mac_terapia are written here in lower case
# while the ACLs are defined as mac_Biblioteca / mac_Terapia -- verify with
# "squid -k parse".
http_access allow mac_nodo nodo Pass
http_access deny nodo

http_access allow asistenciaMedica mac_asistenciaMedica Pass
http_access deny asistenciaMedica

http_access allow auditoria mac_auditoria Pass
http_access deny auditoria

http_access allow biblioteca mac_biblioteca Pass
http_access deny biblioteca

http_access allow cardiologia mac_cardiologia Pass
http_access deny cardiologia

http_access allow cirugia mac_cirugia Pass
http_access deny cirugia

http_access allow contabilidad mac_contabilidad Pass
http_access deny contabilidad

http_access allow direccion mac_direccion Pass
http_access deny direccion

http_access allow docencia mac_docencia Pass
http_access deny docencia

http_access allow estadistica mac_estadistica Pass
http_access deny estadistica

http_access allow enfermeria mac_enfermeria Pass
http_access deny enfermeria

http_access allow facultativa mac_facultativa Pass
http_access deny facultativa

http_access allow farmacia mac_farmacia Pass
http_access deny farmacia

http_access allow laboratorioCl mac_laboratorioCl Pass
http_access deny laboratorioCl

http_access allow miscelanea mac_miscelanea Pass
http_access deny miscelanea

http_access allow proteccionFisica mac_proteccionFisica Pass
http_access deny proteccionFisica

http_access allow rrhh mac_rrhh Pass
http_access deny rrhh

http_access allow terapia mac_terapia Pass
http_access deny terapia

http_access allow ultrasonido mac_ultrasonido Pass
http_access deny ultrasonido

# -----------------------------------------------------------


# Time Squid waits for active clients before shutting down.
shutdown_lifetime 10 seconds

# -- CACHE MEMORY
cache_mem 512 MB
maximum_object_size 5 MB
dns_defnames on
logfile_rotate 10


#Default:

# Squid normally listens to port 3128
# The listener is bound to a single address and speaks plain HTTP, so Basic
# credentials cross the network unencrypted between browser and proxy.
http_port 100.10.10.254:3128
# Port 0 disables ICP.
icp_port 0


# +------------------------------------------------------+
# |                DEFAULT                            |
# +------------------------------------------------------+
# PARENT PROXY FOR MY NETWORK

cache_peer 100.10.9.55 parent 3128 0 default
# NOTE(review): the first argument of cache_peer_domain must be the peer's
# name, which defaults to the cache_peer host (100.10.9.55 here, as no name=
# option is set). "proxy.sld.cu" does not match the peer declared above, so
# this line probably has no effect -- confirm with "squid -k parse".
cache_peer_domain proxy.sld.cu !.sld.cu
# Send non-hierarchical requests through the parent as well instead of direct.
nonhierarchical_direct off

# --- Proxy logs ---
# NOTE(review): cache_log is declared twice with the same path; one line is enough.
# NOTE(review): with proxy authentication, access.log records usernames and
# visited URLs; restrict read access to the log directory accordingly.
cache_log /var/log/squid/cache.log
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
cache_dir aufs /var/spool/squid 5120 16 256
coredump_dir /var/spool/squid

cache_swap_low 90
cache_swap_high 95

# NOTE(review): the address below appears truncated by the mailing-list
# archive; the real file needs the full administrator address.
cache_mgr di...@infomed.sld.cu

# -- Error pages in Spanish
icon_directory /usr/share/squid/icons
error_directory /usr/share/squid/errors/es
mime_table /usr/share/squid/mime.conf

# +------------------------------------------------------------------------------+
# |                          REFRESCO DE LA CACHE                                |
# +------------------------------------------------------------------------------+
# Cache freshness rules. Each line is: regex, minimum age (minutes),
# percentage of the object's age, maximum age (minutes). The first pattern
# that matches a URL wins, so order matters and later duplicates are never used.
# These lines affect caching only; they play no part in authentication or
# access control.
#-- Images
refresh_pattern -i \.gif$ 14400 80% 43200
refresh_pattern -i \.tiff?$ 14400 80% 43200
refresh_pattern -i \.bmp$ 14400 80% 43200
# NOTE(review): "\.jp?g$" matches .jpg and .jg but not .jpeg.
refresh_pattern -i \.jp?g$ 14400 80% 43200
refresh_pattern -i \.xbm$ 14400 80% 43200
refresh_pattern -i \.png$ 14400 80% 43200
refresh_pattern -i \.wrl$ 14400 80% 43200
refresh_pattern -i \.ico$ 14400 80% 43200
refresh_pattern -i \.pnm$ 14400 80% 43200
refresh_pattern -i \.pbm$ 14400 80% 43200
refresh_pattern -i \.pgm$ 14400 80% 43200
refresh_pattern -i \.ppm$ 14400 80% 43200
refresh_pattern -i \.rgb$ 14400 80% 43200
# The next two lines repeat the .ppm and .rgb patterns above and are never reached.
refresh_pattern -i \.ppm$ 14400 80% 43200
refresh_pattern -i \.rgb$ 14400 80% 43200
refresh_pattern -i \.xpm$ 14400 80% 43200
refresh_pattern -i \.xwd$ 14400 80% 43200
refresh_pattern -i \.pict?$ 14400 80% 43200

#-- Movies
refresh_pattern -i \.mov$ 14400 80% 43200
# NOTE(review): "\.mp?g?$" matches .m, .mp, .mg and .mpg, but not .mpeg.
refresh_pattern -i \.mp?g?$ 14400 80% 43200
refresh_pattern -i \.avi$ 14400 80% 43200
refresh_pattern -i \.qtm?$ 14400 80% 43200
refresh_pattern -i \.viv$ 14400 80% 43200
refresh_pattern -i \.swf$ 14400 80% 43200
refresh_pattern -i \.flv$ 14400 80% 43200
refresh_pattern -i \.mp4$ 14400 80% 43200
refresh_pattern -i \.mkv$ 14400 80% 43200
refresh_pattern -i \.wmv$ 14400 80% 43200

#-- Sounds
refresh_pattern -i \.wav$ 14400 80% 43200
refresh_pattern -i \.aiff?$ 14400 80% 43200
refresh_pattern -i \.au$ 14400 80% 43200
refresh_pattern -i \.ram?$ 14400 80% 43200
refresh_pattern -i \.snd$ 14400 80% 43200
refresh_pattern -i \.mid$ 14400 80% 43200
refresh_pattern -i \.mp2$ 14400 80% 43200
refresh_pattern -i \.mp3$ 14400 80% 43200
refresh_pattern -i \.ogg$ 14400 80% 43200

#-- Archives
refresh_pattern -i \.sit$ 14400 80% 43200
refresh_pattern -i \.zip$ 14400 80% 43200
refresh_pattern -i \.7zip$ 14400 80% 43200
refresh_pattern -i \.hqx$ 14400 80% 43200
refresh_pattern -i \.exe$ 14400 80% 43200
refresh_pattern -i \.arj$ 14400 80% 43200
refresh_pattern -i \.lzh$ 14400 80% 43200
refresh_pattern -i \.lha$ 14400 80% 43200
refresh_pattern -i \.cab$ 14400 80% 43200
refresh_pattern -i \.rar$ 14400 80% 43200
refresh_pattern -i \.tar$ 14400 80% 43200
refresh_pattern -i \.gz$ 14400 80% 43200
refresh_pattern -i \.z$ 14400 80% 43200
refresh_pattern -i \.a[0-9][0-9]$ 14400 80% 43200
refresh_pattern -i \.r[0-9][0-9]$ 14400 80% 43200

#-- Data files
refresh_pattern -i \.txt$ 14400 80% 43200
refresh_pattern -i \.pdf$ 14400 80% 43200
refresh_pattern -i \.doc$ 14400 80% 43200
refresh_pattern -i \.rtf$ 14400 80% 43200
refresh_pattern -i \.tex$ 14400 80% 43200
refresh_pattern -i \.latex$ 14400 80% 43200

#-- Java-type objects
refresh_pattern -i \.class$ 14400 80% 43200
refresh_pattern -i \.js$ 14400 80% 43200
# Repeats the .class pattern two lines up; never reached.
refresh_pattern -i \.class$ 14400 80% 43200

#-- Web-type objects
refresh_pattern -i \.css$ 10 20% 4320
refresh_pattern -i \.html?$ 10 20% 4320
refresh_pattern \/$ 10 20% 4320


#-- Avoid problems with .do scripts
refresh_pattern -i \.do$ 0 0% 1440
# NOTE(review): this dynamic-content rule comes after the extension rules, so
# a /cgi-bin/ URL whose path ends in one of the extensions above is matched by
# that extension rule first.
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0

#-- Other
# NOTE(review): the "." in "(.gz)" is unescaped and matches any character.
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern (\.deb|\.udeb)$   129600 100% 129600
# Catch-all for everything not matched above.
refresh_pattern .        0    20%    4320
# ---------------------------------------------------------------------------



# Hostname the proxy reports in error pages and headers.
visible_hostname proxy.mired.sld.cu
dns_nameservers 100.10.10.1


# Final catch-all: anything not explicitly allowed earlier is refused. Because
# the last ACL here is "all" (not an authentication ACL), a request that
# reaches this line gets an access-denied page rather than a new credential
# prompt; this is where an authenticated user who is in none of the
# department lists ends up.
http_access deny all