В сквиде я мало что понимаю. Нужна непрозрачная прокся. Конфиги получились вот такие (переделал из 2.5)
Код: Выделить всё
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl server src 192.168.0.1-192.168.0.8/255.255.255.255
acl vip src 192.168.0.200-192.168.0.254/255.255.255.255
acl ruskon002 src 192.168.0.10-192.168.0.199/255.255.255.255
http_access allow server
acl MP2 url_regex \.mp2$
acl MP3 url_regex \.mp3$
acl MP4 url_regex \.mp4$
acl VIDEO url_regex [i] \.wma$ \.mpeg$ \.avi$ \.mpg$
acl MUSIC url_regex [-i] \.rm \.avi \.wma \.viv \.mpg \.asf \.mp2 \.mp3 \.mp4 mpeg movie video song
acl CARDS url_regex [-i] cards postcard virtualflowers otkrytki vf.ru flowers greetings passionup
acl MUSIC2 urlpath_regex [-i] \.mp3$ \.avi$ \.mpeg$
# about delay_pools see below
delay_pools 5
delay_class 1 2
delay_class 2 1
delay_class 3 2
delay_class 4 1
delay_class 5 1
delay_parameters 1 4096/16384 2048/8192
delay_parameters 2 -1/-1
delay_parameters 3 -1/-1 16384/32768
delay_parameters 4 8192/32768
delay_parameters 5 2048/8192
delay_access 2 allow ruskon002
delay_access 2 allow vip
delay_access 2 allow server
delay_access 1 deny all
delay_access 2 deny all
delay_access 3 deny all
delay_access 4 deny all
delay_access 5 deny all
acl SMTP_port port 25
http_access deny SMTP_port
http_access allow manager localhost
http_access deny manager
http_access deny to_localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow vip
http_access allow ruskon002
http_access deny all
icp_access allow all
cache_mem 64 MB
maximum_object_size 16384 KB
redirect_program /usr/local/rejik/redirector /usr/local/rejik/redirector.conf
redirect_children 5
dns_timeout 5 minutes
cache_effective_user squid
cache_effective_group squid
visible_hostname ruskon.biz
append_domain .ruskon.biz
forwarded_for on
cache_dir ufs /usr/local/squid/cache 2000 16 256
cache_access_log /usr/local/squid/logs/access.log
cache_log /usr/local/squid/logs/cache.log
cache_store_log /usr/local/squid/logs/store.log
http_port 3128
ftp_user squid@ruskon.biz
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl Local dst 192.168.0.0/24
no_cache deny Local
acl XYZZY url_regex ^http://mail.ruskon.biz$
no_cache deny XYZZY
acl someserver dstdomain .ruskon.biz
no_cache deny someserver
read_timeout 5 minutes
request_timeout 1 minute
client_lifetime 720 minutes
half_closed_clients on
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
error_directory /usr/local/etc/squid/errors/Russian-1251
coredump_dir /usr/local/squid/cache
acl external src 213.247.226.33/255.255.255.0
acl internal src 192.168.0.0/255.255.255.0
always_direct deny external
always_direct allow internal
never_direct allow all
Плюс вопрос, что нужно написать в pf.conf чтоб оно работало???