Lembrando que o Lenny ainda esta em desenvolvimento, não é aconselhado usar em servidores
On Thu, 16 Oct 2008 20:20:17 -0300, "Saul Lima" <[EMAIL PROTECTED]> wrote: > RESOLVIDO > > Desesperado para deixar tudo logo pronto, fiquei lendo todos os logs do > squid. Assim descobri que as pastas de cache não estavam criadas, aí foi > só > dar um # squid -z e tudo voltou ao seu normal.... > > 2008/10/16 Saul Lima <[EMAIL PROTECTED]> > >> Acho que vou ter que voltar para o etch.... não to entendendo o porque >> deste problema >> >> >> 2008/10/16 Saul Lima <[EMAIL PROTECTED]> >> >> Migrei agora para o lenny e copiei meu antigo squid.conf (que funcionava >>> sem problemas) para a pasta /etc/squid, o squid do lenny (2.7) > carrega sem >>> mostrar erros, mas as máquinas da rede não conseguem acessar a > internet, >>> acusando que o squid está recusando conexões. Meu squid.conf é o > seguinte: >>> >>> http_port 3128 transparent >>>> visible_hostname PMM >>>> error_directory /usr/share/squid/errors/Portuguese/ >>>> >>>> cache_mem 1024 MB >>>> maximum_object_size_in_memory 250 KB >>>> maximum_object_size 600 MB >>>> minimum_object_size 0 KB >>>> cache_swap_low 90 >>>> cache_swap_high 95 >>>> cache_dir ufs /var/spool/squid 20480 64 256 >>>> cache_access_log /var/log/squid/access.log >>>> refresh_pattern ^ftp: 1440 20% 2280 >>>> refresh_pattern ^gopher: 1440 20% 2280 >>>> refresh_pattern . 60 20% 2280 >>>> >>>> >>>> acl all src 0.0.0.0/0.0.0.0 >>>> acl manager proto cache_object >>>> acl localhost src 127.0.0.1/255.255.255.255 >>>> acl SSL_ports port 443 563 >>>> acl Safe_ports port 21 80 443 563 70 210 280 488 59 777 901 1025-65535 >>>> acl purge method PURGE >>>> acl CONNECT method CONNECT >>>> http_access allow manager localhost >>>> http_access deny manager >>>> http_access allow purge localhost >>>> http_access deny purge >>>> http_access deny !Safe_ports >>>> http_access deny CONNECT !SSL_ports >>>> >>>> >>>> #bloqueio de extensões e sites >>>> acl proibidos url_regex -i \.exe \.mp3 \.vqf \.tar.gz \.gz \.rpm \.avi >>>> \.mpeg \.mpe \.mpg \.qt \.ram \.rm \.iso \.raw \.wav \.flv \.bat > \.torrent >>>> \.wma \.scr >>>> acl proibidos_chefe url_regex -i \.mp3 \.vqf \.tar.gz \.gz \.rpm \.avi >>>> \.mpeg \.mpe \.mpg \.qt \.ram \.rm \.iso \.raw \.wav \.flv \.bat > \.torrent >>>> \.wmv \.wma \.scr >>>> acl sites url_regex -i "/etc/squid/sites" >>>> >>>> acl manutencao arp 00:15:f2:a5:ed:11 >>>> acl redelocal arp "/etc/squid/usuarios" >>>> acl chefes arp "/etc/squid/chefes" >>>> >>>> >>>> delay_pools 2 >>>> delay_class 1 2 >>>> delay_parameters 1 57600/57600 7680/7168 >>>> delay_class 2 2 >>>> delay_parameters 2 57600/57600 7680/16384 >>>> delay_access 1 allow redelocal >>>> delay_access 1 allow manutencao >>>> delay_access 1 allow localhost >>>> delay_access 2 allow chefes >>>> >>>> >>>> >>>> http_access deny sites redelocal >>>> http_access deny sites chefes >>>> http_access deny proibidos redelocal >>>> http_access deny proibidos_chefe chefes >>>> http_access deny proibidos_chefe manutencao >>>> http_access allow manutencao >>>> http_access allow localhost >>>> http_access allow redelocal >>>> http_access allow chefes >>>> http_access deny all >>>> >>> >>> Depois de rodar o squid eu executei os comandos: >>> >>> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >>> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT >>> --to-port 3128 >>> echo 1 > /proc/sys/net/ipv4/ip_forward >>> >>> >>> >> -- [EMAIL PROTECTED] (31) 9976-3161 http://blog.tadeucruz.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
