[rlug] (no subject)

[vuk_001]

Intai incepe cu crearea unui nou squid.conf :
+++++++
cat /etc/squid/squid.conf | grep "^[a-z]" >squid.conf.new
+++++++
apoi redenumesti ....

Uite niste fisiere ....
+++++++squid.conf++++++++
http_port 8080
cache_mem  8 MB
maximum_object_size 4096 KB
cache_dir ufs  /mnt/hdb1/squid 2000 64 64
cache_access_log /var/log/squid/access.log
cache_store_log none
dns_children 15
refresh_pattern         ^ftp:           1440    20%     10080
refresh_pattern         ^gopher:        1440    0%      1440
refresh_pattern         .               0       20%     4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 21 81 85 443 563 70 210 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl SSL method CONNECT
acl FTP proto FTP
acl HTTP proto HTTP
acl lista src "/etc/squid/lista.acl"
acl lista1 src "/etc/squid/lista2.acl"
acl lista2 time 15:00-19:00
acl lista3 time A S 9:00-19:00
never_direct allow SSL all
always_direct deny all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow lista
http_access allow lista1 lista2
http_access allow lista1 lista3
http_access deny all
icp_access allow all
miss_access allow all
visible_hostname gigi.gigi.ro
cache_peer 172.30.1.1 parent 80 0 proxy-only no-query default login=user:pass
+++++++++++++++++
Stiu ca m-am lovit si eu de problema asta ca la 
conexiuni SSL se ducea pe direct ...
Am 2 tipuri de clienti unii care folosesc severul asta 
de proxy si altii care se legau direct la 172.30.1.1 .
Pentru a doua categorie am facut un script cu 
ipchains ...
++++++++++++++++++
#!/bin/sh
/sbin/ipchains -F input
/sbin/ipchains -F forward
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.0.0.32/32 -j MASQ
/sbin/ipchains -A forward -s 192.0.0.18/32 -j MASQ
/sbin/ipchains -A forward -s 192.0.0.33/32 -j MASQ
/sbin/ipchains -A forward -s 192.0.0.49/32 -j MASQ
/sbin/ipchains -A forward -s 192.0.0.66/32 -j MASQ
/sbin/ipchains -A forward -s 192.0.0.67/32 -j MASQ
/sbin/ipchains -A forward -s 192.0.0.131/32 -j MASQ
/sbin/ipchains -A forward -s 192.0.0.226/32 -j MASQ
......................
/sbin/ipchains -A input -p tcp -s 192.0.0.0/24 -d 0/0 80 -j REDIRECT 8080
/sbin/ipchains -A input -p tcp -s 192.0.0.0/24 -d 0/0 443 -j REDIRECT 8080
+++++++++++++++++++++++++

---------------------------------------------------
Get free personalized email at http://www.iname.com

---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to 
unsubscribe from this list.