limited1
17.06.04, 22:14
gruezi....ihr spezis
versuche squid so zu konfigurieren,dass es nur noch möglich ist, http und in einer textdatei festgelegte ssl-domains aufzurufen.jegliche versuche mit u.g. squid.conf liessen squid bisher kalt - was mach ich falsch ?!
greetz
auszug der squid.conf
#########################################
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl manager proto cache_object
acl allowed_hosts src *.*.0.0/255.255.0.0
acl sslstop proto SSL
acl https-allow dstdomain "/etc/squid/sslwhitelist"
acl CONNECT method CONNECT
always_direct allow blocked
never_direct allow all
# acl localhost src 127.0.0.1/255.255.255.255
# acl all src 0.0.0.0/0.0.0.0
http_access allow manager localhost
http_access deny manager all
http_access allow allowed_hosts
http_reply_access allow all
http_access deny CONNECT SSL_ports
http_access deny CONNECT !https-allow
http_access deny sslstop
http_access deny all
versuche squid so zu konfigurieren,dass es nur noch möglich ist, http und in einer textdatei festgelegte ssl-domains aufzurufen.jegliche versuche mit u.g. squid.conf liessen squid bisher kalt - was mach ich falsch ?!
greetz
auszug der squid.conf
#########################################
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl manager proto cache_object
acl allowed_hosts src *.*.0.0/255.255.0.0
acl sslstop proto SSL
acl https-allow dstdomain "/etc/squid/sslwhitelist"
acl CONNECT method CONNECT
always_direct allow blocked
never_direct allow all
# acl localhost src 127.0.0.1/255.255.255.255
# acl all src 0.0.0.0/0.0.0.0
http_access allow manager localhost
http_access deny manager all
http_access allow allowed_hosts
http_reply_access allow all
http_access deny CONNECT SSL_ports
http_access deny CONNECT !https-allow
http_access deny sslstop
http_access deny all