LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page SQUID in SuSE 10 x64
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-11-2007, 12:48 PM   #1
AQG
Member
 
Registered: Jun 2005
Distribution: SuSE, Red Hat
Posts: 162

Rep: Reputation: 30
SQUID in SuSE 10 x64

Hello people trying to pick your mind once again.

I've set up a squid box with a quad port NIC plus 4 more single NIC's
I'm filtering internet access (Identifying by MAC address) and gave different rules.
It's working fine but have two or three questions.
0.-My most important one is how can I limit the tranfer rate and
download rate from the users in order for me to save bandwith
resources
1.-Can you analyse and see if my code is in the best way it can
2.-what suggestion can you give me reffering to security
3.-any suggestion will be helpfull

Thanks once again for your time and patience!!!!!


Code:
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

acl all src 0.0.0.0/0.0.0.0
acl my_server src 127.0.0.1/255.255.255.255
acl manager proto http cache_object



#USUARIOS QUE SOLO TENDRAN ACCESO A PAGINAS DE TRABAJO
acl mac_mortal_usr1 arp "/etc/squid/access/idf1/mac/mortal_usr"
acl mac_mortal_usr2 arp "/etc/squid/access/idf2/mac/mortal_usr"
acl mac_mortal_usr3 arp "/etc/squid/access/idf3/mac/mortal_usr"
acl mac_mortal_usr4 arp "/etc/squid/access/idf4/mac/mortal_usr"
acl mac_mortal_usr5 arp "/etc/squid/access/idf5/mac/mortal_usr"
acl mac_mortal_usr6 arp "/etc/squid/access/idf6/mac/mortal_usr"
acl mac_mortal_usr7 arp "/etc/squid/access/idf7/mac/mortal_usr"

#USUARIOS QUE SOLO TENDRAN ACCESO A PAGINAS EN GENERAL POR EJEMEMPLO
#LA CRONICA, ANTIVIRUS, CONSULTAS DE PRECIOS ETC. E INCLUYENDO LAS ANTERIORES
acl mac_mortal_usr1 arp "/etc/squid/access/idf1/mac/grl_usr"
acl mac_mortal_usr2 arp "/etc/squid/access/idf2/mac/grl_usr"
acl mac_mortal_usr3 arp "/etc/squid/access/idf3/mac/grl_usr"
acl mac_mortal_usr4 arp "/etc/squid/access/idf4/mac/grl_usr"
acl mac_mortal_usr5 arp "/etc/squid/access/idf5/mac/grl_usr"
acl mac_mortal_usr6 arp "/etc/squid/access/idf6/mac/grl_usr"
acl mac_mortal_usr7 arp "/etc/squid/access/idf7/mac/grl_usr"

#USUARIOS QUE TENDRAN ACCESO A PAGINAS ESPECIALES E INCLUYENDO LAS ANTERIORES
#PRO EJEMPLO GMAIL, HOTMAIL, Y UNA QUE OTRA PAGINA ESPECIAL
acl mac_mortal_usr1 arp "/etc/squid/access/idf1/mac/special_usr"
acl mac_mortal_usr2 arp "/etc/squid/access/idf2/mac/special_usr"
acl mac_mortal_usr3 arp "/etc/squid/access/idf3/mac/special_usr"
acl mac_mortal_usr4 arp "/etc/squid/access/idf4/mac/special_usr"
acl mac_mortal_usr5 arp "/etc/squid/access/idf5/mac/special_usr"
acl mac_mortal_usr6 arp "/etc/squid/access/idf6/mac/special_usr"
acl mac_mortal_usr7 arp "/etc/squid/access/idf7/mac/special_usr"

#USUARIOS QUE TENDRAN ACCESO A PAGINAS DEL MSN ETC. Y TODO LO DEMAS. CONTROLADOS POR ANCHO DE BANDA DE LA
#TARJETA DEL PROXY
acl mac_mortal_usr1 arp "/etc/squid/access/idf1/mac/super_usr"
acl mac_mortal_usr2 arp "/etc/squid/access/idf2/mac/super_usr"
acl mac_mortal_usr3 arp "/etc/squid/access/idf3/mac/super_usr"
acl mac_mortal_usr4 arp "/etc/squid/access/idf4/mac/super_usr"
acl mac_mortal_usr5 arp "/etc/squid/access/idf5/mac/super_usr"
acl mac_mortal_usr6 arp "/etc/squid/access/idf6/mac/super_usr"
acl mac_mortal_usr arp "/etc/squid/access/idf7/mac/super_usr"


acl work_web_access url_regex "/etc/squid/access/webs/work_web"
acl grl_web_access url_regex "/etc/squid/access/webs/grl_web"
acl special_web_access url_regex /etc/squid/access/webs/special_web"
acl msn_web_access url_regex "/etc/squid/access/webs/msn_web"


###################USERS FROM COMUNICATIONS ROOM 1######################################
http_access allow mac_mortal_usr1 work_web_access

http_access allow mac_grl_usr1 grl_web_access
http_access allow mac_grl_usr1 work_web_access

http_access allow mac_special_usr1 work_web_access
http_access allow mac_special_usr1 grl_web_access
http_access allow mac_special_usr1 special_web_access

http_access allow mac_super_usr1 work_web_access
http_access allow mac_super_usr1 grl_web_access
http_access allow mac_super_usr1 special_web_access
http_access allow mac_super_usr1 msn_web_access
########################################################################################

###################USERS FROM COMUNICATIONS ROOM 2######################################
http_access allow mac_mortal_usr2 work_web_access

http_access allow mac_grl_usr2 grl_web_access
http_access allow mac_grl_usr2 work_web_access

http_access allow mac_special_usr2 work_web_access
http_access allow mac_special_usr2 grl_web_access
http_access allow mac_special_usr2 special_web_access

http_access allow mac_super_usr2 work_web_access
http_access allow mac_super_usr2 grl_web_access
http_access allow mac_super_usr2 special_web_access
http_access allow mac_super_usr2 msn_web_access
########################################################################################

###################USERS FROM COMUNICATIONS ROOM 3######################################
http_access allow mac_mortal_usr3 work_web_access

http_access allow mac_grl_usr3 grl_web_access
http_access allow mac_grl_usr3 work_web_access

http_access allow mac_special_usr3 work_web_access
http_access allow mac_special_usr3 grl_web_access
http_access allow mac_special_usr3 special_web_access

http_access allow mac_super_usr3 work_web_access
http_access allow mac_super_usr3 grl_web_access
http_access allow mac_super_usr3 special_web_access
http_access allow mac_super_usr3 msn_web_access


###################USERS FROM COMUNICATIONS ROOM 4######################################
http_access allow mac_mortal_usr4 work_web_access

http_access allow mac_grl_usr4 grl_web_access
http_access allow mac_grl_usr4 work_web_access

http_access allow mac_special_usr4 work_web_access
http_access allow mac_special_usr4 grl_web_access
http_access allow mac_special_usr4 special_web_access

http_access allow mac_super_usr4 work_web_access
http_access allow mac_super_usr4 grl_web_access
http_access allow mac_super_usr4 special_web_access
http_access allow mac_super_usr4 msn_web_access
########################################################################################

###################USERS FROM COMUNICATIONS ROOM 5######################################
http_access allow mac_mortal_usr5 work_web_access

http_access allow mac_grl_usr5 grl_web_access
http_access allow mac_grl_usr5 work_web_access

http_access allow mac_special_usr5 work_web_access
http_access allow mac_special_usr5 grl_web_access
http_access allow mac_special_usr5 special_web_access

http_access allow mac_super_usr5 work_web_access
http_access allow mac_super_usr5 grl_web_access
http_access allow mac_super_usr5 special_web_access
http_access allow mac_super_usr5 msn_web_access
########################################################################################

###################USERS FROM COMUNICATIONS ROOM 6######################################
http_access allow mac_mortal_usr6 work_web_access

http_access allow mac_grl_usr6 grl_web_access
http_access allow mac_grl_usr6 work_web_access

http_access allow mac_special_usr6 work_web_access
http_access allow mac_special_usr6 grl_web_access
http_access allow mac_special_usr6 special_web_access

http_access allow mac_super_usr6 work_web_access
http_access allow mac_super_usr6 grl_web_access
http_access allow mac_super_usr6 special_web_access
http_access allow mac_super_usr6 msn_web_access
########################################################################################

###################USERS FROM COMUNICATIONS ROOM 7######################################
http_access allow mac_mortal_usr7 work_web_access

http_access allow mac_grl_usr7 grl_web_access
http_access allow mac_grl_usr7 work_web_access

http_access allow mac_special_usr7 work_web_access
http_access allow mac_special_usr7 grl_web_access
http_access allow mac_special_usr7 special_web_access

http_access allow mac_super_usr7 work_web_access
http_access allow mac_super_usr7 grl_web_access
http_access allow mac_super_usr7 special_web_access
http_access allow mac_super_usr7 msn_web_access
#########################################################################################

http_access allow my_server
http_reply_access allow all
http_access deny all

icp_access allow my_server
icp_access allow mac_mortal_usr3
icp_access allow work_web_access
icp_access allow mac_grl_usr3
icp_access allow grl_web_access
icp_access allow mac_special_usr3
icp_access allow special_web_access
icp_access allow mac_super_usr3
icp_access allow msn_web_access
icp_access deny all


http_port x.x.x.x:8080
http_port x.x.x.x:3128
icp_port 0


cache_mem 512 MB
cache_dir ufs /var/cache/squid 800 16 256

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log


visible_hostname my_server
ident_lookup_access allow QUERY all mexproxy01 manager work_web_access mac_mortal_usr1 mac_mortal_usr2 mac_mortal_usr3 mac_mortal_usr4 mac_mortal_usr5 mac_mortal_usr6 mac_mortal_usr7 mac_grl_usr1 mac_grl_usr2 mac_grl_usr3 mac_grl_usr4 mac_grl_usr5 mac_grl_usr6 mac_grl_usr7 grl_web_access special_web_access mac_special_usr1 mac_special_usr2 mac_special_usr3 mac_special_usr4 mac_special_usr5 mac_special_usr6 mac_special_usr7 msn_web_access mac_super_usr1 mac_super_usr2 mac_super_usr3 mac_super_usr4 mac_super_usr5 mac_super_usr6 mac_super_usr7


tcp_outgoing_address x.x.x.x
delay_pools 0
httpd_accel_with_proxy on
httpd_accel_port 80
httpd_accel_uses_host_header on
cache_effective_user squid
cache_effective_group nogroup
#############END####################
Last edited by AQG; 01-11-2007 at 01:16 PM.
 
Old 01-16-2007, 11:06 AM   #2
AQG
Member
 
Registered: Jun 2005
Distribution: SuSE, Red Hat
Posts: 162

Original Poster
Rep: Reputation: 30
Thanks to all for the help,

my only question now is:

How can I limit the tranfer and download rate from the users in order for me to save bandwith resources???????

Any Ideas!!!!!!!!!!
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Suse 10.1 x64 installed as 32bit Steel_J SUSE / openSUSE 5 08-26-2006 01:59 PM
SuSE 10.1 x64 installer hangs Nightfox SUSE / openSUSE 1 07-14-2006 02:48 AM
can i run linux mandriver x64 with windows x64 bit if so wich one should i install fi malmac2000 Linux - Software 2 04-26-2006 07:04 AM
Suse 10.0 x64 Installation problems, nothing works! BeastInThaEast SUSE / openSUSE 2 12-29-2005 09:39 PM
FSTAB fkup in SuSE 9 x64 uniQ Linux - General 0 01-29-2004 06:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:33 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration