squid
vi /etc/squid/squid.conf
只需配置两个地方 acl 和http_access
acl 变量名1 arp MAC列表 #00:1e:90:b1:d8:7f
acl 变量名2 src IP地址列表 #192.168.1.2
acl 变量名3 dstdomain 可访问的网页列表 # .163.com
acl 变量名4 url_regex -i 可访问的网页列表 # http://www.163.com/
http_access allow [变量名1 | 变量名2] #表示可访问所有页面
http_access allow [变量名1 | 变量名2] [变量名3 | 变量名4] #只可访问列明的网页
#########################################
acl CONNECT method CONNECT
#zhang
acl allowed_mac arp "/etc/squid/allowedmac"
acl allowed_ip src "/etc/squid/allowedip"
acl corp_all src 172.17.103.0/24
acl corp_all src 172.17.102.0/24
acl corp_all src 10.99.253.0/24
acl corp_allowsites dstdomain "/etc/squid/corp_allowsite"
acl corp_allow_url url_regex -i "/etc/squid/corp_allow_url"
acl bhcorp_allowedip src "/etc/squid/bhcorp_allowedip"
acl seds_allowedmac arp "/etc/squid/seds_allowedmac"
acl seds_allowsite dstdomain "/etc/squid/seds_allowsite"
# TAG: http_access
###################################################3
# And finally deny all other access to this proxy
http_access allow localhost
#zhang
http_access allow allowed_mac
http_access allow allowed_ip
http_access allow corp_all corp_allowsites
http_access allow corp_all corp_allow_url
http_access allow bhcorp_allowedip
http_access allow seds_allowedmac seds_allowsite
http_access deny all
# TAG: http_access2
[root@corplx1 squid] cat corp_allowsite
.dhl.com.hk
[root@corplx1 squid]# cat corp_allow_url
http://www.excite.co.jp/world