Ola pessoal, estou usando o slackware 10.1, tento usar a autenticacao do squid mas ele diz nao encontrar a maquina, nao sei mais o que fazer, portanto vou relatar tudo o que fiz desde o inicio.
1 - instalacao do squid
# ps aux | grep squid
root 5057 0.0 0.1 1688 600 pts/1 R+ 14:45 0:00 grep squid
2 - meu squid.conf
# Inicio do squid.conf
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
icp_port 0
cache_mem 150 MB
maximum_object_size 4096 KB
cache_dir ufs /var/spool/squid 500 16 256
auth_param basic program /usr/libexec/ncsa_auth /etc/squid/passwd
auth_param basic children 30
auth_param basic realm Digite seu Login e Senha
connect_timeout 2 minutes
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
emulate_httpd_log off
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl horario_normal time MTWHF 06:00-20:00
acl rede_interna src 10.100.21.0/255.255.255.0
acl porno url_regex -i "/etc/squid/porno"
acl regraurl urlpath_regex "/etc/squid/regra_de_url"
acl password proxy_auth REQUIRED
http_access allow password
http_access allow rede_interna
http_access allow horario_normal
http_access deny porno
http_access deny regraurl all
http_access deny manager
http_access deny !Safe_ports
http_access deny all
http_reply_access allow all
icp_access allow all
miss_access allow all
cache_mgr [email protected]
cache_effective_group squid
visible_hostname localhost
store_avg_object_size 4 KB
#httpd_accel_port 80
#httpd_accel_host virtual
#httpd_accel_with_proxy on
#httpd_accel_uses_host_header on
coredump_dir /var/spool/squid
3 - minhas regras de firewall (ja to aceitando tudo, nao recuso quase nada)
#!/bin/sh
touch /var/lock/subsys/local
echo 1>/proc/sys/net/ipv4/ip_forward
# carrega os modulos de ip
modprobe ip_tables
modprobe iptable_nat
# limpa todas as regras de firewall
iptables -F
iptables -t nat -F
# aceita tudo
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
# para o squid
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
# rede local receber e-mails
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# abre para rede local
iptables -A INPUT -p tcp --syn -s 10.100.21.0/255.255.255.0 -j ACCEPT
# FECHA A PORTA SSH E ABRE APENAS PARA OS ESPECIFICOS
iptables -A INPUT -p tcp --syn --dport 22 -j DROP
iptables -A INPUT -p tcp --syn -s 10.30.26.2 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --syn -s 10.100.16.1 --dport 22 -j ACCEPT
# PORTA MSN
iptables -A INPUT -p tcp --syn --dport 1863 -j ACCEPT
pronto somente isso, mas eu tenho outras regras basicas, pacotes danificados, ping malicioso, etc...
4 - configurei as estacoes win98 para o proxie e qdo tento acessar a internet pelo explorer ele diz localizando 10.100.21.1 e depois acusa NAO ENCONTRADO, mas se eu nao encontrasse nao estaria podendo trabalhar com o SAMBA, o que estou fazendo de errado ?