agora minha duvida,,
server mk+hotspot = gw
linux ubuntu server 8.04-squid 2.6 - bind9. + hd 80 sata + 3gb ram ddr2 ,eth0 3com..
galera, tenho rodando aqui um proxy em paralelo com mk 'cliente do mk '
com o seguinte redirecionamento e mais nada...
add chain=dstnat src-address=!192.168.2.8 dst-address=!192.168.2.8 protocol=tcp dst-port=80 src-address-list=clientes action=dst-nat to-addresses=192.168.2.8 \
to-ports=3128 comment="" disabled=no
192.168.2.8 eh o proxy
address-list clientes, é pq uso mask /30 um range pra cada cliente..
varios dias fuçando na net sobre squid, pedacin de um pedacin de outro,,, cheguei a esse squid.conf
http_port 192.168.2.8:3128 transparent
cache_mgr speednet
visible_hostname speednet.com.br
cache_mem 256 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 16 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_store_log none
dns_nameservers 192.168.2.8
##daemon diskd melhora a performace de acesso a disco
cache_dir diskd /var/spool/squid/cache0 6000 16 256 Q1=64 Q2=72
cache_dir diskd /var/spool/squid/cache1 6000 16 256 Q1=64 Q2=72
cache_dir diskd /var/spool/squid/cache2 6000 16 256 Q1=64 Q2=72
cache_dir diskd /var/spool/squid/cache3 6000 16 256 Q1=64 Q2=72
cache_dir diskd /var/spool/squid/cache4 6000 16 256 Q1=64 Q2=72
cache_dir diskd /var/spool/squid/cache5 6000 16 256 Q1=64 Q2=72
#cache_dir diskd /var/spool/squid/cache6 6000 16 256 Q1=64 Q2=72
#cache_dir diskd /var/spool/squid/cache7 6000 16 256 Q1=64 Q2=72
#diskd_program /usr/lib/squid/diskd-daemon
#Mantendo objetos recentes e pequenos na memoria
memory_replacement_policy heap GDSF
#Mantendo objetos recentes no disco (independente do tamanho)
cache_replacement_policy heap LFUDA
#Ativando pools de memoria, evitando o Squid ficar realocando memoria toda hora que precisar, manter pools de 32MB
#memory_pools on
#memory_pools_limit 32 MB
error_directory /usr/share/squid/errors/Portuguese
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl sites url_regex "/etc/squid/sites.txt"
acl sites2 dstdomain "/etc/squid/sites.txt"
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny sites all
http_access deny sites2 all
http_access allow all
icp_access allow all
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
#Estas 'refresh_pattern' fazem com que o squid mantenha o maximo
#possivel um objeto em cache, aumentando o cache HIT e byte HIT
refresh_pattern -i \.jpg$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.gif$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.png$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.jpeg$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.bmp$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.tif$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.tiff$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.swf$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.html$ 0 20% 1440
refresh_pattern -i \.htm$ 0 20% 1440
refresh_pattern -i \.shtml$ 0 20% 1440
refresh_pattern -i \.shtm$ 0 20% 1440
refresh_pattern -i \.mov$ 2880 80% 21600 reload-into-ims
refresh_pattern -i \.avi$ 2880 80% 21600 reload-into-ims
refresh_pattern -i \.mpg$ 2880 80% 21600 reload-into-ims
refresh_pattern -i \.mpeg$ 2880 80% 21600 reload-into-ims
refresh_pattern -i \.qtm$ 2880 80% 21600 reload-into-ims
refresh_pattern -i \.flv$ 2880 80% 21600 reload-into-ims
refresh_pattern -i \.wav$ 1440 100% 4320 reload-into-ims
refresh_pattern -i \.au$ 1440 100% 4320 reload-into-ims
refresh_pattern -i \.mid$ 1440 100% 4320 reload-into-ims
refresh_pattern -i \.mp3$ 2880 100% 21600 reload-into-ims
refresh_pattern -i \.zip$ 7200 50% 21600 reload-into-ims
refresh_pattern -i \.gz$ 0 50% 10080 reload-into-ims
refresh_pattern -i \.arj$ 0 50% 4320 reload-into-ims
refresh_pattern -i \.lha$ 0 50% 4320 reload-into-ims
refresh_pattern -i \.lzh$ 0 50% 4320 reload-into-ims
refresh_pattern -i \.rar$ 7200 50% 21600 reload-into-ims
refresh_pattern -i \.tgz$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.tar$ 0 50% 21600 reload-into-ims
refresh_pattern -i \.Z$ 0 50% 4320 reload-into-ims
refresh_pattern -i \.sit$ 0 50% 4320 reload-into-ims
refresh_pattern -i \.pdf$ 7200 50% 10080 reload-into-ims
##### Cache do Windows Update #####
##refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims
##refresh_pattern download.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims
##refresh_pattern msgruser.dlservice.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims
##refresh_pattern windowsupdate.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims
##refresh_pattern
www.microsoft.com/.*\.(cab|exe|msi) 10080 100% 43200 reload-into-ims
## o que nao bater nas regras acima, os valores abaixo segura como padrao...
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
extension_methods REPORT MERGE MKACTIVITY CHECKOUT
hosts_file /etc/hosts
coredump_dir /var/spool/squid