Linux@Arinet.org - Bingung membatasi pemakaian user internet di squid

Our Sponsor

Arinet Forum

Boardwalk :: Forum List

Linux Umum

Diskusi Umum

xko_productions
User

Fresh Boarder

Posts: 1

Karma: 0

Bingung membatasi pemakaian user internet di squid - 2009/05/04 22:10 Salam kenal untuk semua....

Saya lagi mencoba membangun server proxy squid menggunakan, tapi kok semua ip bisa akses internet nya, begini skrip nya

####################################
http_port 8080
icp_port 3180

visible_hostname SVRPROXY1
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin ?
no_cache deny QUERY
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
coredump_dir /var/spool/squid
cache_effective_user proxy
cache_effective_group proxy
cache_mem 100 MB
access_log /var/log/squid/access.log squid

acl localhost src 127.0.0.0/8
acl localhostdst dst 127.0.0.0/8
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow localhost
http_access deny manager
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_reply_access allow all

# <EBOX> TAG_HTTP_ACCESS #
http_access deny all
# END_TAG #

#always_direct allow localhostdst
redirect_program /usr/bin/adzapper.wrapper
#####################################

kalau saya tambahkan dengan setingan IP tertentu seperti :

acl helpdesk src 10.31.50.33/255.255.255.255
acl qodi src 10.31.50.37/255.255.255.255

http_access allow helpdesk
http_access allow qodri

tidak ada pengaruhnya, IP yg tk terdaftar pun masih bisa akses internet..... apakah ada yg salah di skripnya..??

mohon pencerahan dari senior semuanya. thanks

| | The administrator has disabled public write access.

Boardwalk :: Forum List Linux Umum Diskusi Umum

Joomlaboard Forum Component 1.1.2 Stable
Two Shoes M-Factory