فایل Config.
کد:
#
#Recommended minimum configuration:
acl all src 192.168.50.0/24
acl alls src 192.178.78.0/24
acl allw src 192.168.51.0/24
acl site1 src 192.178.78.3-192.178.78.18
acl site2 src 192.178.78.20-192.178.78.35
acl internet src 192.178.78.46-192.178.78.61
acl intime1 time M 14:00-15:45
acl intime2 time T 09:30-11:15
acl offtime time S M T W H F A 07:30-19:30
acl management src 192.168.50.62-192.168.50.63
acl official1 src 192.168.50.64-192.168.50.96
acl official2 src 192.168.50.175-192.168.50.183
acl official3 src 192.168.50.107-192.168.50.108
acl school src 192.168.50.105-192.168.50.106
acl official4 src 192.168.50.110-192.168.50.112
acl official5 src 192.168.50.163
acl official6 src 192.168.50.201
acl official7 src 192.168.50.59-192.168.50.60
acl wireless src 192.168.51.1-192.168.51.254
acl official8 src 192.168.50.247-192.168.50.254
acl official9 src 192.168.50.5-192.168.50.6
acl official10 src 192.168.50.12-192.168.50.15
acl afkhami src 192.168.50.61
acl IT src 192.168.50.100-192.168.50.101
acl edumolaghati src 192.178.78.62-192.178.78.63
acl electroniclab src 192.178.78.62-192.178.78.67
acl multimedia src 192.178.78.87
acl researchlab src 192.178.78.70-192.178.78.71
acl hajilari-laptop src 192.168.50.9
acl shakiba src 192.168.50.50
acl servers src 192.168.50.169-192.168.50.172
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# TAG: http_access
# Allowing or Denying access based on defined access lists
#
# Access to the HTTP port:
# http_access allow|deny [!]aclname ...
#
# NOTE on default values:
#
# If there are no "access" lines present, the default is to deny
# the request.
#
# If none of the "access" lines cause a match, the default is the
# opposite of the last line in the list. If the last line was
# deny, the default is allow. Conversely, if the last line
# is allow, the default will be deny. For these reasons, it is a
# good idea to have an "deny all" or "allow all" entry at the end
# of your access lists to avoid potential confusion.
#
#Default:
#http_access allow internet
http_access allow internet intime1
http_access allow internet intime2
#http_access allow site1
http_access deny site1
#http_access allow site2
http_access deny site2
http_access allow wireless
#http_access deny wireless
http_access allow IT
#http_access deny IT
http_access allow management
#http_access deny management
http_access allow school offtime
#http_access deny school
http_access allow edumolaghati offtime
#http_access deny edumolaghati
http_access allow electroniclab offtime
#http_access deny electroniclab
http_access allow multimedia offtime
#http_access deny multimedia
http_access allow researchlab offtime
#http_access deny researchlab
http_access allow hajilari-laptop offtime
#http_access deny hajilari-laptop
http_access allow shakiba offtime
#http_access deny shakiba
http_access allow official1 offtime
#http_access deny official1
http_access allow official2 offtime
#http_access deny official2
http_access allow official3 offtime
#http_access deny official3
http_access allow official4 offtime
#http_access deny official4
http_access allow official5 offtime
#http_access deny official5
http_access allow official6 offtime
#http_access deny official6
http_access allow official7 offtime
#http_access deny official7
http_access allow official8 offtime
#http_access deny official8
http_access allow official9 offtime
#http_access deny official9
http_access allow official10 offtime
#http_access deny official10
http_access allow servers
#http_access deny servers
#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#
#Default:
# http_reply_access allow all
# TAG: icp_access
# Allowing or Denying access to the ICP port based on defined
# access lists
#
# icp_access allow|deny [!]aclname ...
#
# See http_access for details
#
#Default:
# icp_access deny all
#
#Allow ICP queries from everyone
icp_access allow all
icp_access allow alls
icp_access allow allw
# TAG: htcp_access
# Note: This option is only available if Squid is rebuilt with the
# --enable-htcp option
#
# Allowing or Denying access to the HTCP port based on defined
# access lists
#
# htcp_access allow|deny [!]aclname ...
#
# See http_access for details
#
# NOTE: The default if no htcp_access lines are present is to
# deny all traffic. This default may cause problems with peers
# using the htcp or htcp-oldsquid options.
#
##Allow HTCP queries from everyone
#htcp_access allow all
#
#Default:
# htcp_access deny all
# TAG: htcp_clr_access
# Note: This option is only available if Squid is rebuilt with the
# --enable-htcp option
#
# Allowing or Denying access to purge content using HTCP based
# on defined access lists
#
# htcp_clr_access allow|deny [!]aclname ...
#
# See http_access for details
#
##Allow HTCP CLR requests from trusted peers
#acl htcp_clr_peer src 172.16.1.2
#htcp_clr_access allow htcp_clr_peer
#
#Default:
# htcp_clr_access deny all
# TAG: miss_access
# Use to force your neighbors to use you as a sibling instead of
# a parent. For example:
#
# acl localclients src 172.16.0.0/16
# miss_access allow localclients
# miss_access deny !localclients
#
# This means only your local clients are allowed to fetch
# MISSES and all other clients can only fetch HITS.
#
# By default, allow all clients who passed the http_access rules
# to fetch MISSES from us.
#
#Default setting:
# miss_access allow all