关于squid不能禁止下载的问题?

jimorainboy · 发表于 2005-10-18 18:55:59

下边是squid配置文件:
http_port 127.0.0.1:3128

cache_mem 32 MB
cache_swap_low 90
cache_swap_high 95
cache_mgr [email protected]
cache_dir ufs /cache/squid 6000 16 256
cache_access_log /usr/local/squid/var/logs/access.log /dev/null
cache_log /usr/local/squid/var/logs/cache.log /dev/null
cache_store_log /usr/local/squid/var/logs/store.log none

acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1
acl mmxfile urlpath_regex -i \.gif$ \.exe$ \.mp3$ \.rmvb$ \.rm$ \.wma$ \.wav$ \.rar$ \.zip
acl star src 192.168.1.0/255.255.255.0
acl teacher arp "/usr/local/squid/teacher.list"
acl teacher1 arp "/usr/local/squid/teacher1.list"
acl baduser maxconn 3

http_access allow teacher teacher1 localhost
http_access deny mmxfile
http_access deny baduser
http_access allow star
http_access deny all

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

我用iptables做的透明代理代码如下:
modprobe ip_tables
modprobe iptable_nat
modprobe iptable_filter
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F -t nat
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 -j SNAT --to xxx.xxx.xxx.xxx

hew · 发表于 2005-10-18 19:31:02

-A PREROUTING -s 192.168.0.0/24 -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

jimorainboy · 发表于 2005-10-19 18:36:15

首先谢谢hew的答复，但是那些上网机器的IP全都是192.168.1.10-192.168.1.254这个范围的IP地址，用这条语句有用吗？？？

		自动登录	找回密码
密码			注册