This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
авторизация_доступа_к_ресурсам_через_squid [2015/06/10 14:31] val [Для file, nis, ldap авторизации] |
авторизация_доступа_к_ресурсам_через_squid [2020/11/12 10:47] val |
||
---|---|---|---|
Line 3: | Line 3: | ||
===== Авторизация на основе ip адреса рабочей станции ===== | ===== Авторизация на основе ip адреса рабочей станции ===== | ||
- | ==== FreeBSD ==== | + | |
+ | ==== Debian/Ubuntu ==== | ||
<code> | <code> | ||
- | [gate:~] # cd /usr/local/etc/squid/ | + | gate# cat /etc/squid/deny_hosts.txt |
+ | </code><code> | ||
+ | .*ok\.ru.* | ||
+ | .*vk\.com.* | ||
</code> | </code> | ||
- | ==== Ubuntu ==== | ||
<code> | <code> | ||
- | root@gate:~# cd /etc/squid/ | + | gate# cat /etc/squid/permit_hosts.txt |
+ | </code><code> | ||
+ | .*microsoft\.com.* | ||
</code> | </code> | ||
- | ==== FreeBSD/Ubuntu ==== | ||
<code> | <code> | ||
- | gate# cat deny_hosts.txt | + | gate# cat /etc/squid/squid.conf |
- | </code><code> | + | |
- | .*odnok.* | + | |
- | .*com\/.* | + | |
- | </code><code> | + | |
- | gate# cat squid.conf | + | |
</code><code> | </code><code> | ||
... | ... | ||
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS | # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS | ||
- | ... | + | # |
- | acl our_networks src 192.168.100+X.0/24 | + | acl our_networks src 192.168.X.0/24 |
- | acl full_access src 192.168.100+X.100 192.168.100+X.101 | + | acl our_pppoe_networks src 192.168.100+X.0/24 |
+ | acl big_boss src 192.168.113.100 192.168.100+X.101 | ||
- | #For FreeBSD | ||
- | acl deny_hosts url_regex "/usr/local/etc/squid/deny_hosts.txt" | ||
- | #For Ubuntu | ||
acl deny_hosts url_regex "/etc/squid/deny_hosts.txt" | acl deny_hosts url_regex "/etc/squid/deny_hosts.txt" | ||
+ | acl permit_hosts url_regex "/etc/squid/permit_hosts.txt" | ||
- | http_access allow full_access | + | http_access allow big_boss |
- | http_access allow localhost | + | http_access allow our_pppoe_networks !deny_hosts |
- | http_access allow our_networks !deny_hosts | + | http_access allow our_networks permit_hosts |
... | ... | ||
</code><code> | </code><code> |