Acho que vou ter que voltar para o etch.... não to entendendo o porque deste problema
2008/10/16 Saul Lima <[EMAIL PROTECTED]> > Migrei agora para o lenny e copiei meu antigo squid.conf (que funcionava > sem problemas) para a pasta /etc/squid, o squid do lenny (2.7) carrega sem > mostrar erros, mas as máquinas da rede não conseguem acessar a internet, > acusando que o squid está recusando conexões. Meu squid.conf é o seguinte: > > http_port 3128 transparent >> visible_hostname PMM >> error_directory /usr/share/squid/errors/Portuguese/ >> >> cache_mem 1024 MB >> maximum_object_size_in_memory 250 KB >> maximum_object_size 600 MB >> minimum_object_size 0 KB >> cache_swap_low 90 >> cache_swap_high 95 >> cache_dir ufs /var/spool/squid 20480 64 256 >> cache_access_log /var/log/squid/access.log >> refresh_pattern ^ftp: 1440 20% 2280 >> refresh_pattern ^gopher: 1440 20% 2280 >> refresh_pattern . 60 20% 2280 >> >> >> acl all src 0.0.0.0/0.0.0.0 >> acl manager proto cache_object >> acl localhost src 127.0.0.1/255.255.255.255 >> acl SSL_ports port 443 563 >> acl Safe_ports port 21 80 443 563 70 210 280 488 59 777 901 1025-65535 >> acl purge method PURGE >> acl CONNECT method CONNECT >> http_access allow manager localhost >> http_access deny manager >> http_access allow purge localhost >> http_access deny purge >> http_access deny !Safe_ports >> http_access deny CONNECT !SSL_ports >> >> >> #bloqueio de extensões e sites >> acl proibidos url_regex -i \.exe \.mp3 \.vqf \.tar.gz \.gz \.rpm \.avi >> \.mpeg \.mpe \.mpg \.qt \.ram \.rm \.iso \.raw \.wav \.flv \.bat \.torrent >> \.wma \.scr >> acl proibidos_chefe url_regex -i \.mp3 \.vqf \.tar.gz \.gz \.rpm \.avi >> \.mpeg \.mpe \.mpg \.qt \.ram \.rm \.iso \.raw \.wav \.flv \.bat \.torrent >> \.wmv \.wma \.scr >> acl sites url_regex -i "/etc/squid/sites" >> >> acl manutencao arp 00:15:f2:a5:ed:11 >> acl redelocal arp "/etc/squid/usuarios" >> acl chefes arp "/etc/squid/chefes" >> >> >> delay_pools 2 >> delay_class 1 2 >> delay_parameters 1 57600/57600 7680/7168 >> delay_class 2 2 >> delay_parameters 2 57600/57600 7680/16384 >> delay_access 1 allow redelocal >> delay_access 1 allow manutencao >> delay_access 1 allow localhost >> delay_access 2 allow chefes >> >> >> >> http_access deny sites redelocal >> http_access deny sites chefes >> http_access deny proibidos redelocal >> http_access deny proibidos_chefe chefes >> http_access deny proibidos_chefe manutencao >> http_access allow manutencao >> http_access allow localhost >> http_access allow redelocal >> http_access allow chefes >> http_access deny all >> > > Depois de rodar o squid eu executei os comandos: > > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT > --to-port 3128 > echo 1 > /proc/sys/net/ipv4/ip_forward > > >
