R: [PLUTO-help] squid e client

Luciano Lucini luciano a smapfil.it
Lun 22 Maggio 2006 09:09:53 CEST



Scusa, se non sono stato chiaro fammi un fischio l'avevo mandata ma
probabilmente non  arrivata


Prima definisci i vari tipi di accessi o gruppi 


acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443 563	# https, snews
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT

Definisco dei gruppi interni
acl smapfil2 src 152.130.0.0/255.255.255.0 acl Produzione src
152.130.0.151-152.130.0.162/255.255.255.0
acl Magazzino src 152.130.0.211-152.130.0.212/255.255.255.0
acl Uffici_No_Internet src 152.130.0.10-152.130.0.12/255.255.255.0


poi dico chi si e chi no 

http_access allow manager localhost (questo si)
http_access deny manager 		(questo no)

# Deny requests to unknown ports
http_access deny !Safe_ports		(queste porte no)

# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports	

### inserite da luciano
http_access allow smapfil2	(questo si)
http_access deny Produzione   (questo no)
http_access deny Magazzino	(questo no)
http_access deny Uffici_No_Internet	(questo no)
http_access allow localhost
 

Lucini Luciano - EDP

Via Londra, 48
Phone : 0376/782610 
46042 Castel Goffredo (MN) ITALY

E-Mail luciano a smapfil.it
         lucianolucini a hotmail.com





More information about the pluto-help mailing list