blob: 6eee790c3bc54b473f5ff2ac1ff9203a126add03 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
#
# CONFIG FILE FOR SQUIDGUARD
#
dbhome /var/lib/squidguard/db
logdir /var/log/squid
#
# TIME RULES:
# abbrev for weekdays:
# s = sun, m = mon, t =tue, w = wed, h = thu, f = fri, a = sat
time workhours {
weekly mtwhf 08:00 - 16:30
date *-*-01 08:00 - 16:30
}
#
# REWRITE RULES:
#
rew dmz {
s@://admin/@://admin.foo.bar.de/@i
s@://foo.bar.de/@://www.foo.bar.de/@i
}
#
# SOURCE ADDRESSES:
#
src admin {
ip 1.2.3.4 1.2.3.5
user root foo bar
within workhours
}
src foo-clients {
ip 172.16.2.32-172.16.2.100 172.16.2.100 172.16.2.200
}
src bar-clients {
ip 172.16.4.0/26
}
#
# DESTINATION CLASSES:
#
dest good {
}
dest local {
}
dest adult {
domainlist dest/adult/domains
urllist dest/adult/urls
expressionlist dest/adult/expressions
redirect http://admin.foo.bar.de/cgi/blocked?clientaddr=%a+clientname=%n+clientuser=%i+clientgroup=%s+targetgroup=%t+url=%u
}
acl {
admin {
pass any
}
foo-clients within workhours {
pass good !in-addr !adult any
} else {
pass any
}
bar-clients {
pass local none
}
default {
pass local none
rewrite dmz
redirect http://admin.foo.bar.de/cgi/blocked?clientaddr=%a+clientname=%n+clientuser=%i+clientgroup=%s+targetgroup=%t+url=%u
}
}
|
