Zdravim, opet prichazim s drobnym dotazem.
Pouzivam SQUID jako proxy. A pomoci ACL malicko koriguji provoz. Mam ovsem jedno PC na ktere se restrikce vztahovat nemohou (vsemocny). Problemove stranky jsou uvedene v bad-sites.squid a vse funguje. Vsemocny ma pristup vsude pro ostatni jsou stranky blokovane. Jen jsem narazil na problem s blokaci multimedialniho obsahu. At delam, co delam, tak blokace funguje i na MAC "vsemocny". Pokud nekdo mate hlubsi zkusenost, prosim o radu. Diky moc.
---------------------------------------------
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
# Povolene rozsahy
acl work src 10.0.0.0/24
acl guest src 10.0.100.0/24
acl vsemocny arp 00:1e:4f:ee:c3:55
#Blokace podle casu
acl Before_Office time SMTWHFA 00:05-06:00
# Blokace nevhodnych stranek
acl bad_url dstdomain "/etc/squid3/bad-sites.squid"
# Blokace MULTIMEDIA
acl BlockExt url_regex -i \.mp3$ \.asx$ \.wma$ \.wmv$ \.avi$ \.mpeg$ \.mpg$ \.asf$
######Block Video Streaming##############
acl media rep_mime_type video/flv video/x-flv
acl media rep_mime_type -i ^video\/
acl media rep_mime_type ^application/x-shockwave-flash
acl media rep_mime_type ^application/vnd.ms.wms-hdr.asfv1
acl media rep_mime_type ^application/x-fcs
acl media rep_mime_type ^application/x-mms-framed
acl media rep_mime_type ^video/x-ms-asf
acl media rep_mime_type ^audio/mpeg
acl media rep_mime_type ^audio/mpeg
acl media rep_mime_type ^audio/x-scpls
acl media rep_mime_type ^video/x-flv
acl media rep_mime_type ^video/mpeg4
acl media rep_mime_type ms-hdr
acl media rep_mime_type x-fcs
acl mediapr urlpath_regex \.flv(\?.*)?$
acl mediapr urlpath_regex -i \.(avi|mp4|mov|m4v|mkv|flv)(\?.*)?$
acl mediapr urlpath_regex -i \.(mpg|mpeg|avi|mov|flv|wmv|mkv|rmvb)(\?.*)?$
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
### ACL VSEMOCNY ACCESS
http_access allow vsemocny
# BLOCK streaming files
http_access deny BlockExt
http_access deny mediapr
http_reply_access deny media
# Rules to block Radio / Video Stream ----------------------------------------
http_access deny bad_url
http_access deny Before_Office
http_access allow work
http_access allow guest
http_access allow localhost