[FUG-BR] Squid + Auth + PF
Rafael Floriano Sousa Sales
rafael.sales em gmail.com
Segunda Janeiro 15 17:40:38 BRST 2007
Olá,
Você póde utilizar o wpad (Web Proxy Autodiscovery Protocol), vamos a receita:
squid.conf
header_access Via deny all
header_access X-Forwarded-For deny all
header_access Proxy-Connection deny all
header_access Accept-Encoding deny all
dhcpd.conf
option wpad code 252 = text ;
subnet 192.168.0.0 netmask 255.255.255.0 {
option wpad "http://intra.seudominio.com.br/wpad.dat\000";
}
httpd.conf
<VirtualHost *:80>
DirectoryIndex wpad.dat
ServerAlias proxy.* wpad.*
DocumentRoot "/usr/local/www/data/proxy/"
<Location "/">
ForceType application/x-ns-proxy-autoconfig
</Location>
</VirtualHost>
<Directory "/usr/local/www/data/proxy/">
Order Deny,Allow
Allow from 192.168.0. 127.
AllowOverride FileInfo AuthConfig Limit
ForceType application/x-ns-proxy-autoconfig
Options +ExecCGI
</Directory>
# AddHandler cgi-script .cgi
AddType application/x-ns-proxy-autoconfig .dat
AddType application/x-ns-proxy-autoconfig .pac
Alias /wpad.dat "/usr/local/www/data/proxy/wpad.dat"
Alias /wpad.da "/usr/local/www/data/proxy/wpad.dat"
Alias /proxy.pac "/usr/local/www/data/proxy/wpad.dat"
wpad.dat
function FindProxyForURL(url, host)
{
var domlocal = "intra.dominio.com.br";
var netlocal = "200.200.200.200";
var msklocal = "255.255.255.255";
var proxyaddr = "PROXY proxy.intra.dominio.com.br:3128; DIRECT";
var proxyaddrc = "PROXY 192.168.0.1:3128;";
if (dnsDomainIs(host, domlocal)) {
return "DIRECT";
} else if (isPlainHostName(host)) {
return "DIRECT";
} else if (isInNet(host, netlocal, msklocal)) {
return "DIRECT";
} else if (isInNet(host, "127.0.0.0", "255.0.0.0")) {
return "DIRECT";
} else if (isInNet(host, "192.168.0.0", "255.255.255.0")) {
return "DIRECT";
} else if (isInNet(myIpAddress(), "192.168.0.0", "255.255.0.0")) {
return proxyaddrc;
} else {
return proxyaddr;
}
}
Espero ter ajudado
Abraços
--
Tompast IT Services LTDA.
e-mail: rafael.sales at tompast.org
voip: 34568794 at iax.tompast.org
+55 11 4063-5759
+55 11 3207-2457
+55 11 8433-2281
+55 11 9979-6826
Mais detalhes sobre a lista de discussão freebsd