Srs
Olá a todos...
to configurando o squid 3.0 stable 2 mas o mesmo nao pede autentição.. o serviço sobe.. conecto na 6060 mas ele nao pede nem a autenticação.. já da erro direto... alguem poderia me ajudar?
em meu fwl atual.. autentico por ncsa e msnt... AD... nesta linha (mas axo q o problema eh ainda antes.. sendo que nem pede autenticação...)
jah tentei com a seguinte linha: auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/usuarios.pwd
auth_param basic program /etc/squid/scripts/autentica.pl, onde
[root@diego-fwl scripts]# vi autentica.pl
#!/usr/bin/perl
$|=1;
use IPC::Open2;
open2(*read1,*write1,"/usr/lib/squid/msnt_auth");
open2(*read2,*write2,"/usr/lib/squid/ncsa_auth /etc/squid/usuarios.pwd");
while(<>) {
print write1 $_; $ans = <read1>;
if ($ans =~ /^OK/) { print $ans; next; }
print write2 $_; $ans = <read2>;
if ($ans =~ /^OK/) { print $ans; next; }
print $ans;
}
segue meu conf, desde já agradeço.;.. Diego
# WELCOME TO SQUID 3.0 STABLE2
#Porta
http_port 6060
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic program /etc/squid/scripts/autentica.pl
auth_param basic children 5
auth_param basic realm CONTROLE DE ACESSO A INTERNET
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl password proxy_auth REQUIRED
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
##ACL para acesso ao site do ABNT para o setor de Segurança
acl abntnet url_regex "/var/lib/squidguard/sem_auth_seguranca.destexprlist"
http_access allow abntnet
##Termina aqui
##Limita uso de Banda
acl limita_banda proxy_auth "/etc/squid/regras/limita_banda.txt"
##Termina aqui
##Libera sites do MSN (Utilizado pelo IMCONTROL)
acl sites_noauth url_regex "/var/lib/squidguard/sites_sem_auth.destexprlist"
http_access allow sites_noauth
##Termina aqui
##Libera navegacao sem autenticacao
acl sem_auth src "/etc/squid/regras/ip.txt"
http_access allow sem_auth
##Termina aqui
#Liberando Google Talk
acl libera_gtalk proxy_auth "/etc/squid/regras/libera_gtalk.txt"
#Termina aqui
#Bloqueando Google Talk
acl nega_gtalk url_regex -i "/etc/squid/regras/nega_gtalk.txt"
http_access allow libera_gtalk nega_gtalk
http_access deny nega_gtalk all
#Termina aqui
#Limitando Tamanho Download
#acl limita_download proxy_auth "/etc/squid/regras/libera_download.txt"
#reply_body_max_size 0 allow limita_download
#reply_body_max_size 20971520 allow all
# Termina aqui
#Limitando banda de download
delay_pools 1
delay_class 1 3
delay_parameters 1 -1/-1 -1/-1 5000/5000
delay_access 1 allow limita_banda
#Termina aqui
http_access allow SSL_ports
acl teste url_regex 200.215.176.11 200.215.176.8
http_access allow teste
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow password
http_reply_access allow all
icp_access allow all
tcp_outgoing_address 192.168.7.107
visible_hostname diego-fwl
acl teste url_regex unicred-blumenau
always_direct allow teste
coredump_dir /var/spool/squid
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf