Henrik Nordstrom ha scritto:
mån 2006-12-11 klockan 17:53 +0100 skrev Marcello Romani:
The only changes I have made to squid.conf is the addition of a few
domains in a couple of ACLs. (I have posted my squid.conf in this thread).
I haven't seen your squid.conf posted and neither can it be found in the
archives, only cache.log output showing the abort..
Note: we need the exact squid.conf from at the time you had the problem,
so getting it now after you somehow managed to get rid of the problem is
probably useless..
Regards
Henrik
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 128 MB
maximum_object_size_in_memory 128 KB
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir ufs /var/cache/squid 1500 16 256
access_log /var/log/squid/access.log squid
ftp_user [EMAIL PROTECTED]
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 8443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access allow localhost
acl malicious_domains dstdomain .vcodecget.net .vcodecpull.com
.imrworldwide.com .skymasters.biz .redfunny.com .archiviosex.net
.msads.net .workzip.it .videopornazzi.com .storage-tasp.com .antix.it
.pornovideo-gratis.biz .affiliazione1.com .gromozon.com
.trafficredlight.net .hostance.net .hit.gemius.pl .iberporno.com
.videosz.com .pro-advertising.com advideo.altervista.org www.advshop.it
searchingwww.net .isuckall.com .tradedoubler.com .abetterinternet.com
.bestoffersnetworks.com .trafficgeneration.biz .finestresults.com
.coremetrics.com .itrack.it idkqzshcjxr.com 123swiss.com swissgreat.net
.dvdaccess.net
acl adv_domains_re dstdom_regex
(banners?\.|\bad[vs]?\.|ad[vs]-banner\.|adimg\.|adserver\.|adfarm.|ad-catgeo\.|\.swf.*clickTAG)
acl adv_domains dstdomain .doubleclick.net .serving-sys.com
img-catgeo.paginegialle.it .atdmt.com servedby.advertising.com
ad1.neodatagroup.com ad-it.tiscali.it adv-banner.libero.it ads.sfondo.it
.adbrite.com .fastclick.net .mediaplex.com media.intelia.it
.tekno4advertising.com
acl adv_urls url_regex
(\/banner\w*\.swf|\/ads[^k]|[a-z]\.tribalfusion\.(net|com))
http_access deny malicious_domains
http_access deny adv_domains_re
http_access deny adv_domains
http_access deny adv_urls
acl work_morning time MTWHF 08:00-12:00
acl work_afternoon time MTWHF 13:30-17:30
acl montaggio_acl src montaggio.dominio.ottotecnica.it
http_access deny montaggio_acl work_morning
http_access deny montaggio_acl work_afternoon
acl our_networks src 192.9.200.0/24
http_access allow our_networks
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr [EMAIL PROTECTED]
mail_from [EMAIL PROTECTED]
visible_hostname serverlinux
append_domain .dominio.ottotecnica.it
deny_info err_malicious_domain.html malicious_domains
deny_info err_no_ads_here.html adv_domains
deny_info err_no_ads_here.html adv_domains_re
deny_info err_no_ads_here.html adv_urls
forwarded_for off
error_directory /etc/squid/errors
coredump_dir /var/cache/squid
Thanks
--
Marcello Romani
Responsabile IT
Ottotecnica s.r.l.
http://www.ottotecnica.com
