HTTP Anti-Virus Proxy

Official HAVP Support Forum
Registration disabled, I'm tired of spambots. E-mail havp@hege.li if you have questions.
HAVP project is pretty much frozen/abandoned at this time anyway.
It is currently 22 Jun 2014 09:52


Board index » HAVP Support » General Support

All times are UTC + 2 hours [ DST ]



Post new topic Reply to topic  Page 1 of 1
  [ 1 post ] 
  Print view Previous topic | Next topic 
Author Message
Tretsbirne
 Post subject: squid / havp / AD
PostPosted: 11 Mar 2008 15:14 
Offline

Joined: 11 Mar 2008 14:52
Posts: 1
Hello,
we do a school project.

Besides, only certain people should surf. There is an 2003 AD. This also functions quite really. Only if we want to scan with havp on viruses does not clap any more. The ACLs are not probably defined yet, but I do not get further there....

squid.conf
Code:
cache_log /var/log/squid/cache.log
cache_access_log /var/log/squid/access.log
cache_store_log none

logfile_rotate 5

debug_options ALL,1 28,9

cache_replacement_policy  heap LFUDA
memory_replacement_policy  heap GDSF

maximum_object_size 65536 KB
cache_mem 200 MB

cache_dir ufs /var/cache/squid 1000 256 256

cache_effective_user   squid
cache_effective_group  squid

acl manager proto cache_object
acl all src 0.0.0.0/0.0.0.0
acl allowed_hosts src 192.168.0.0/24
acl localhost src 127.0.0.1/32

http_port 3128
http_port 127.0.0.1:8081

acl FROM_HAVP myport 8081

log_access deny FROM_HAVP

visible_hostname proxy

auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 80
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 80
auth_param basic realm ambiFOX-Proxy
auth_param basic credentialsttl 180 seconds

acl xxxusers proxy_auth "/etc/squid/rules/xxx/freeuser"

http_access allow xxxusers

acl HTTPS proto HTTPS
always_direct allow HTTPS
never_direct allow !FROM_HAVP

http_access allow localhost

cache_peer 127.0.0.1 parent 8090 0 name=havp proxy-only no-digest no-netdb-exchange default

cache_peer 127.0.0.1 parent 8081 0 name=squid2 proxy-only no-query no-digest no-netdb-exchange

cache_peer_access havp deny FROM_HAVP
cache_peer_access havp deny HTTPS
cache_peer_access squid2 deny FROM_HAVP
cache_peer_access squid2 allow xxxusers
cache_peer_access havp allow xxxusers


access.log
Code:
1205236233.938      1 192.168.255.11 TCP_DENIED/407 1780 CONNECT urs.microsoft.com:443 - NONE/- text/html
1205236233.938      1 192.168.255.11 TCP_DENIED/407 1780 CONNECT urs.microsoft.com:443 - NONE/- text/html
1205236233.942      1 192.168.255.11 TCP_DENIED/407 1905 CONNECT urs.microsoft.com:443 - NONE/- text/html
1205236233.943      2 192.168.255.11 TCP_DENIED/407 1905 CONNECT urs.microsoft.com:443 - NONE/- text/html
1205236233.954     10 192.168.255.11 TCP_MISS/000 2050 CONNECT urs.microsoft.com:443 user DEFAULT_PARENT/havp -
1205236233.962     17 192.168.255.11 TCP_MISS/000 2050 CONNECT urs.microsoft.com:443 user DEFAULT_PARENT/havp -




Thank you for your help.

Tretsi
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 1 post ] 

Board index » HAVP Support » General Support

All times are UTC + 2 hours [ DST ]

Who is online

Users browsing this forum: Google [Bot] and 2 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group