E vai esperar dar um problema? É um ambiente de produção? 2008/10/17 Saul Lima <[EMAIL PROTECTED]>
> Estou achando-o muito estável.... Até agora sem problemas.... > > 2008/10/17 Tadeu Cruz <[EMAIL PROTECTED]> > > Lembrando que o Lenny ainda esta em desenvolvimento, não é aconselhado >> usar em servidores >> >> On Thu, 16 Oct 2008 20:20:17 -0300, "Saul Lima" <[EMAIL PROTECTED]> >> wrote: >> > RESOLVIDO >> > >> > Desesperado para deixar tudo logo pronto, fiquei lendo todos os logs do >> > squid. Assim descobri que as pastas de cache não estavam criadas, aí >> foi >> > só >> > dar um # squid -z e tudo voltou ao seu normal.... >> > >> > 2008/10/16 Saul Lima <[EMAIL PROTECTED]> >> > >> >> Acho que vou ter que voltar para o etch.... não to entendendo o porque >> >> deste problema >> >> >> >> >> >> 2008/10/16 Saul Lima <[EMAIL PROTECTED]> >> >> >> >> Migrei agora para o lenny e copiei meu antigo squid.conf (que >> funcionava >> >>> sem problemas) para a pasta /etc/squid, o squid do lenny (2.7) >> > carrega sem >> >>> mostrar erros, mas as máquinas da rede não conseguem acessar a >> > internet, >> >>> acusando que o squid está recusando conexões. Meu squid.conf é o >> > seguinte: >> >>> >> >>> http_port 3128 transparent >> >>>> visible_hostname PMM >> >>>> error_directory /usr/share/squid/errors/Portuguese/ >> >>>> >> >>>> cache_mem 1024 MB >> >>>> maximum_object_size_in_memory 250 KB >> >>>> maximum_object_size 600 MB >> >>>> minimum_object_size 0 KB >> >>>> cache_swap_low 90 >> >>>> cache_swap_high 95 >> >>>> cache_dir ufs /var/spool/squid 20480 64 256 >> >>>> cache_access_log /var/log/squid/access.log >> >>>> refresh_pattern ^ftp: 1440 20% 2280 >> >>>> refresh_pattern ^gopher: 1440 20% 2280 >> >>>> refresh_pattern . 60 20% 2280 >> >>>> >> >>>> >> >>>> acl all src 0.0.0.0/0.0.0.0 >> >>>> acl manager proto cache_object >> >>>> acl localhost src 127.0.0.1/255.255.255.255 >> >>>> acl SSL_ports port 443 563 >> >>>> acl Safe_ports port 21 80 443 563 70 210 280 488 59 777 901 >> 1025-65535 >> >>>> acl purge method PURGE >> >>>> acl CONNECT method CONNECT >> >>>> http_access allow manager localhost >> >>>> http_access deny manager >> >>>> http_access allow purge localhost >> >>>> http_access deny purge >> >>>> http_access deny !Safe_ports >> >>>> http_access deny CONNECT !SSL_ports >> >>>> >> >>>> >> >>>> #bloqueio de extensões e sites >> >>>> acl proibidos url_regex -i \.exe \.mp3 \.vqf \.tar.gz \.gz \.rpm >> \.avi >> >>>> \.mpeg \.mpe \.mpg \.qt \.ram \.rm \.iso \.raw \.wav \.flv \.bat >> > \.torrent >> >>>> \.wma \.scr >> >>>> acl proibidos_chefe url_regex -i \.mp3 \.vqf \.tar.gz \.gz \.rpm >> \.avi >> >>>> \.mpeg \.mpe \.mpg \.qt \.ram \.rm \.iso \.raw \.wav \.flv \.bat >> > \.torrent >> >>>> \.wmv \.wma \.scr >> >>>> acl sites url_regex -i "/etc/squid/sites" >> >>>> >> >>>> acl manutencao arp 00:15:f2:a5:ed:11 >> >>>> acl redelocal arp "/etc/squid/usuarios" >> >>>> acl chefes arp "/etc/squid/chefes" >> >>>> >> >>>> >> >>>> delay_pools 2 >> >>>> delay_class 1 2 >> >>>> delay_parameters 1 57600/57600 7680/7168 >> >>>> delay_class 2 2 >> >>>> delay_parameters 2 57600/57600 7680/16384 >> >>>> delay_access 1 allow redelocal >> >>>> delay_access 1 allow manutencao >> >>>> delay_access 1 allow localhost >> >>>> delay_access 2 allow chefes >> >>>> >> >>>> >> >>>> >> >>>> http_access deny sites redelocal >> >>>> http_access deny sites chefes >> >>>> http_access deny proibidos redelocal >> >>>> http_access deny proibidos_chefe chefes >> >>>> http_access deny proibidos_chefe manutencao >> >>>> http_access allow manutencao >> >>>> http_access allow localhost >> >>>> http_access allow redelocal >> >>>> http_access allow chefes >> >>>> http_access deny all >> >>>> >> >>> >> >>> Depois de rodar o squid eu executei os comandos: >> >>> >> >>> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >> >>> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT >> >>> --to-port 3128 >> >>> echo 1 > /proc/sys/net/ipv4/ip_forward >> >>> >> >>> >> >>> >> >> >> -- >> [EMAIL PROTECTED] >> (31) 9976-3161 >> http://blog.tadeucruz.com >> > > -- Fabiano Pires http://pragasdigitais.blogspot.com/ Livrando você da escória da Internet
