Amigos,
não estou entendendo o seguinte problema que esta havendo no meu servidor freebsd
alguns sites aparecem com Access Denied, sem estar bloqueados em lugar nenhum do squid,
até ja desliguei o squid, e tirei as regras de firewall, deixei a net direta , ele não aparece Access Denied, mas nao entra.
dentre alguns dos sites: www.hp.com e .br, java.com na parte de downloads, foxconnchannel.com, compaq.com e .br, e poucos outros.
detalhe que esse foxconnchannel só bloqueou hoje, e eu notei que os caras mudaram o layout do site.(se eu ligar direto no modem adsl dae vai)
no log consta a seguinte linha:
1149253596.206 6 192.168.0.1 TCP_DENIED/403 1424 GET http://www.hp.com.br/ - NONE/- text/html
1149253596.208 46 192.168.0.127 TCP_MISS/403 1528 GET http://www.hp.com.br/ - DIRECT/192.6.234.17 text/html
meu squid.conf:
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 116 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 45 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir diskd /squid 4512 16 256 Q1=72 Q2=64
cache_access_log /squid/access.log
visible_hostname squid.meuhost.com.br
ftp_user meuemail
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
refresh_pattern -i exe$ 0 50% 999999
refresh_pattern -i zip$ 0 50% 999999
refresh_pattern -i tar\.gz$ 0 50% 999999
refresh_pattern -i tgz$ 0 50% 999999
acl all src 192.168.0.0/255.255.255.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
acl bloqueados dstdomain "/usr/local/etc/squid/bloqueados"
#acl madrugada time 00:00-06:00
#http_access deny madrugada
acl manha time 08:00-12:00
http_access deny bloqueados manha
#acl almoco time 12:00-14:00
#http_access allow bloqueados almoco
acl tarde time 13:30-18:00
http_access deny bloqueados tarde
#acl noite time 19:00-24:00
#http_access deny noite
#acl msn url_regex -i /gateway/gateway.dll
#http_access deny msn
acl redelocal src 192.168.0.0/24
http_access allow redelocal
http_access deny all
#http_access allow all
redirect_program /usr/local/etc/squid/bannerfilter/redirector.pl
logfile_rotate 10
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
meu nat:comando:/sbin/natd -l -f /etc/natd.conf
interface sis0
dynamic yes
same_ports yes
use_sockets yes
meu firewall(pelado jah de tanto teste)
/sbin/ipfw add 00010 divert natd all from any to any via sis0
/sbin/ipfw add 00020 fwd 127.0.0.1,3128 tcp from 192.168.0.1/24 to any 80 via rl0
se os amigos puderem ajudar ou precisarem de mais alguma informação, agradeço desde ja!