Así? Ya corregí pero aun así Deja pasar todo. >>>> acl manager proto cache_object >>>> acl localhost src 127.0.0.1/32 ::1 >>>> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 >>>> acl localnet src 10.1.0.0/17 >>>> acl google src 74.125.0.0/16 >>>> acl youtube srcdomain .youtube.com >>>> acl youtube_2 srcdom_regex -i \.youtube\.com >>>> http_access allow manager localhost >>>> http_access deny manager >>>> http_access allow localnet >>>> http_access allow localhost >>>> http_port 10.1.50.252:8080 intercept >> http_access deny google >> http_access deny youtube >> http_access deny youtube_2 >> visible_hostname proxy.lsvp
Daniel Ortiz Gutierrez El 30/05/2012, a las 13:03, Ernesto Pérez Estévez <cen...@ecualinux.com> escribió: > On 05/30/2012 12:55 PM, Daniel wrote: >>>> acl manager proto cache_object >>>> acl localhost src 127.0.0.1/32 ::1 >>>> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 >>>> acl localnet src 10.1.0.0/17 >>>> acl google src 74.125.0.0/16 >>>> acl youtube srcdomain .youtube.com >>>> acl youtube_2 srcdom_regex -i \.youtube\.com >>>> http_access allow manager localhost >>>> http_access deny manager >>>> http_access allow localnet >>>> http_access allow localhost >>>> http_port 10.1.50.252:8080 intercept >> http_access deny google >> http_access deny youtube >> http_access deny youtube_2 >> visible_hostname proxy.lsvp >> >> Perdón no puse el archivo de configuración completo. > ahora dudo de la posición del http_access (porque tú usas http_port > aquí, parámetro que no comprendo) > > >> >> Daniel Ortiz Gutierrez >> >> El 30/05/2012, a las 12:33, Ernesto Pérez Estévez<cen...@ecualinux.com> >> escribió: >> >>> On 05/30/2012 12:09 PM, Daniel wrote: >>>> Saludos >>>> >>>> Instale Squid 3.1 en un centos 6.2 minimo, con un "yum install squid" >>>> este es el archivo de configuracion, >>>> >>>> acl manager proto cache_object >>>> acl localhost src 127.0.0.1/32 ::1 >>>> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 >>>> acl localnet src 10.1.0.0/17 >>>> >>>> acl google src 74.125.0.0/16 >>>> acl youtube srcdomain .youtube.com >>>> acl youtube_2 srcdom_regex -i \.youtube\.com >>>> >>> quizá leí muy rápido, pero veo la ACL definida mas no el http_access >>> para denegar o permitir lo que machee con esa acl >>> >>>> >>>> http_access allow manager localhost >>>> http_access deny manager >>>> http_access allow localnet >>>> http_access allow localhost >>>> http_port 10.1.50.252:8080 intercept >>>> >>>> acl google src 74.125.0.0/16 >>>> acl youtube srcdomain .youtube.com >>>> acl youtube_2 srcdom_regex -i \.youtube\.com >>>> >>>> >>>> >>>> >>>> el problema es que no me respeta ninguna ACL, todo lo deja pasar lo e >>>> intentado con otras direcciones para ver si es problema de https pero >>>> incluso cuando pongo >>>> >>>> acl all src all >>>> http_access all deny >>>> >>>> me sigue dejando navegar sin problemas, mis reglas de iptables son: >>>> >>>> -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 >>>> -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT >>>> >>>> el puerto 443 esta abierto por que no me estoy metiendo con https, por >>>> el momento. >>>> >>>> Saludos y espero alguien me pueda ayudar. >>>> _______________________________________________ >>>> CentOS-es mailing list >>>> CentOS-es@centos.org >>>> http://lists.centos.org/mailman/listinfo/centos-es >>>> >>> >>> >>> -- >>> This message has been scanned for viruses and >>> dangerous content by MailScanner, and is >>> believed to be clean. >>> >>> _______________________________________________ >>> CentOS-es mailing list >>> CentOS-es@centos.org >>> http://lists.centos.org/mailman/listinfo/centos-es >> _______________________________________________ >> CentOS-es mailing list >> CentOS-es@centos.org >> http://lists.centos.org/mailman/listinfo/centos-es >> > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > CentOS-es mailing list > CentOS-es@centos.org > http://lists.centos.org/mailman/listinfo/centos-es _______________________________________________ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
