sudo apt-get install squid havp clamav
nano /etc/havp/havp.config
havp.conf
PORT 3128
nano /etc/havp/blacklist
squid.conf
http_port 22
###
cache_peer 127.0.0.1 parent 3128 0 no-query no-digest no-netdb-exchange default
###
cache_peer_access 127.0.0.1 allow
cache_access_log /home/darvin/log/access.log
cache_log /home/darvin/log/cache.log
cache_store_log /home/darvin/log/store.log
cache_mgr l.tema@mail.ru
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm 10.48.5.203 server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl all src 0/0
acl control proxy_auth REQUIRED
acl user1 proxy_auth local
acl user2 proxy_auth pc
acl user3 proxy_auth pda
acl Safe_ports port 1720 # h323
acl SSL_ports port 443 563 #
acl SSL_ports port 995 # POP3S
acl SSL_ports port 993 # IMAPS
acl SSL_ports port 25 # smtp
acl SSL_ports port 110 # pop
acl SSL_[prts port 5190
acl CONNECT port 0-20 #
###
# Будем проверять только HTTP
acl Scan_HTTP proto HTTP
never_direct allow Scan_HTTP
#http_access allow Scan_HTTP
http_access allow all control
http_access allow user1 control
http_access allow user2 control
http_access allow user3 control
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
У клиентов будет авторизация и проверка на вирусы. порт настроить на 22 порт.
для обновления баз: freshclam
Комментариев нет:
Отправить комментарий