I: [PLUTO-help] squid e client
Luciano Lucini
luciano a smapfil.it
Gio 18 Maggio 2006 11:56:33 CEST
Scusa, se non sono stato chiaro fammi un fischio
Prima definisci i vari tipi di accessi o gruppi
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
*****Definisco dei gruppi interni
acl smapfil2 src 152.130.0.0/255.255.255.0
acl Produzione src 152.130.0.151-152.130.0.162/255.255.255.0
acl Magazzino src 152.130.0.211-152.130.0.212/255.255.255.0
acl Uffici_No_Internet src 152.130.0.10-152.130.0.12/255.255.255.0
******** poi dico chi si e chi no
http_access allow manager localhost (questo si)
http_access deny manager (questo no)
# Deny requests to unknown ports
http_access deny !Safe_ports (queste porte no)
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
### inserite da luciano
http_access allow smapfil2 (questo si)
http_access deny Produzione (questo no)
http_access deny Magazzino (questo no)
http_access deny Uffici_No_Internet (questo no)
http_access allow localhost
More information about the pluto-help
mailing list