Eu configuro o squid assim, mas a lista negra não funciona. Eu procuro por algo na web, mas nada.
#SQUID squid.conf
http_port 8080
############################################################
#Database Authentication MYSQL
auth_param basic program /usr/lib/squid3/squid_db_auth --dsn "DBI:mysql:database=something " --user something --password something --plaintext --persist
auth_param basic children 5
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 30 minute
auth_param basic casesensitive off
acl db-auth proxy_auth REQUIRED
http_access allow db-auth
#############################################################
#ACL
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl blacklist dstdom_regex -i "/etc/squid3/blacklist"
##############################################################
#LISTA OPERAZIONI ACL
http_access deny blacklist
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
##############################################################
coredump_dir /var/spool/squid3
O arquivo da lista negra é assim:
facebook.it
facebook.com
http_access são avaliadas sequencialmente para cada solicitação e, uma vez correspondidas, a avaliação é interrompida. Assim, http_access allow db-auth deve ser colocado após http_access deny blacklist . Desta forma, a lista negra é aplicada e, em seguida, a autenticação ocorre.