boa tarde pessoal
estou enfrentando um problema na rede e ja torrei minha cuca e nao consegui desvendar o que esta acontecendo.
tentei implementar autenticação de mac na minha rede...por parte deu certo..mas varios micros estão sendo bloqueados mesmo colocando o mac deles na lista
segue a minha configuração squid:
http_port 3128
visible_hostname servfirewall
error_directory /usr/share/squid/errors/Portuguese/
cache_mem 341 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 6144 KB
minimum_object_size 2 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 12000 16 256
cache_access_log /var/log/squid/access.log
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 901
acl Safe_ports port 1025-65535
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
visible_hostname Administrador.Rede-Andre.Masson
#----------------------------forca o uso do proxy-------------------------------
auth_param basic realm ENTRE COM SEU LOGIN E SENHA, ESTE SERVICO E UM PRIVILEGIO E NAO UM DIREITO, PORTANTO USE-O COM RESPONSABILIDADE -CPDS-Andre.Masson-PM.Altinopolis-
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
acl autenticados proxy_auth REQUIRED
auth_param basic credentialsttl 2 hour
auth_param basic casesensitive off
#----------------------------bloqueia site que mandam virus---------------------
acl bloqvirus url_regex -i "/etc/squid/bloqvirus"
http_access deny bloqvirus
#--------------------------macs na rede---------------------------------
acl macspermitidos arp "/etc/squid/macs"
#----------------------------ips liberados para acessar sites-------------------
acl liberado src 10.1.1.188 10.1.1.192 10.1.1.23 10.1.1.25
#----------------------------libera smartphone----------------------------------
acl smartphone src 10.1.1.240 10.1.1.241 10.1.1.1
http_access allow smartphone
#---------------------------sites permitidos------------------------------------
acl permitidos url_regex -i "/etc/squid/permitidos"
http_access allow permitidos
#----------------------------bloqueando sites-----------------------------------
acl bloqueados url_regex -i "/etc/squid/bloqueados"
http_access deny bloqueados !liberado
#----------------------------bloqueando nomes-----------------------------------
#acl proibido dstdom_regex "/etc/squid/proibido"
#http_access deny proibido
#----------------------------libera extencoes-----------------------------------
#acl liberadoext src
#----------------------------bloqueando extencoes-------------------------------
acl extban url_regex -i \.avi \.mp3 \.torrent \.rmbv \.mpg \.wma \.wmv \.iso \.mp4 \.flv .\msi .\mov .\nrg .\mdf .\mpeg
http_access deny extban !liberado
#----------------------------libera msn-------------------------------------------------
acl libmsn src 10.1.1.18 10.1.1.188 10.1.1.37 10.1.1.60 10.1.1.25 10.1.1.23 10.1.1.31
#----------------------------bloqueia msn----------------------------------------
acl bloqmsn url_regex -i "/etc/squid/bloqmsn"
http_access deny bloqmsn !libmsn
#---------------------------libera banda de internet----------------------------
acl libera400k src 10.1.1.1 10.1.1.188 10.1.1.23 10.1.1.25 10.1.1.192 10.1.1.2 10.1.1.253
acl libera200k src 10.1.1.60 10.1.1.72 10.1.1.126 10.1.1.17 10.1.1.11 10.1.1.13
#-----------------------------configuracoes de banda----------------------------
acl redelocal src 10.1.1.0/24
http_access deny !redelocal
#http_access deny !macspermitidos
delay_pools 3
delay_class 1 2
delay_parameters 1 204800/204800 51200/51200
delay_access 1 allow libera400k
#-------------------------------------------------------------------------------
delay_class 2 2
delay_parameters 2 179200/179200 25600/25600
delay_access 2 allow libera200k
#-------------------------------------------------------------------------------
delay_class 3 2
delay_parameters 3 507904/507904 7040/7040
delay_access 3 allow redelocal
#-------------------------------------------------------------------------------
http_access allow autenticados
http_access allow localhost
http_access allow redelocal
http_access deny all
e minha lista de macs:
00:02:2A:E5:32:39
00:1D:7D:87:FE:3A
00:1D:92:5E:5A:A5
00:08:54:277:3B
00:E1:26:08:18:6A
00:19:7E:97:18A
00:06:4F:6C:4D:BB
00:06:4F:6C:54:FD
00:E0:7D:F5:2D:81
00:40:F4:55:f6:EC
00:16:ECE:10:95
00:E1:26:08:11:E6
00:0F:EA:9E:72:6B
00:0F:EA:AE:33:7E
00:1D:7D:88:08:44
00:08:54:277:3C
00:24:21:C4:43:26
00:24:21:C4:43:5B
00:0A:E6:86:2B:56
00:08:54:0F:146
00:02:2A:E5:41:A9
00:1D:7D:88:05:9B
00:1D:7D:8B:30:5A
00:11:5B:38E:68
00:0A:E6:1A:C6:00
00:0F:EA:9E:6F:AD este nao pega
00:24:21:C4:43:51
00:19:21:04:B2:3D este nao pega
00:11:5B:F5:EB:61
00:134:42:0F:EF este nao pega
00:0F:EA:AE:34:02
00:19:66:B2:46:62
00:08:54:20:30:94
00:00:00:00:00:10 este nao pega
00:1F0:FF:AB:FE
00:22:68:4E:6B:5E
00:58:1C:00:00:48
00:19:21:91:6F:46
00:A1:B0:01:A8:F6
00:1A:4D:78:51:47
00:11:5B:F5:E4:7D este nao pega
00:134:29:AA:A2
00:0F:EA:9E:77:E6
00:24:21:88A:8A
00:E0:7D5D:4D este nao pega
00:0F:EA:A4:94:0C
00:0F:EA:AE:38:93
00:18:F3C:99:23
00:08:54:20:CA:ED
00:1D:7D:F4:CF:5A
00:0D:87:07:04:68
00:18:F3C:8E:EE
00:02:2A:E5:32:76
00:1D:92:5E:21:33
00:1D:92:5F:499
00:1D:92:5E:1F:CF
00:E1:26:08:14:E6
00:21:00:5B:B5:7C
00:23:4E:66:71:2D
00:21:00:65:FC:F0
00:1D:7D:FB5:85
00:1D:92:E8:4B:03
00:02:2A:E5:41:AB
00:1D:92:E8:4B:0B
00:15:F2:32:50:A3
coloquei alguns q nao pegaram..pois tive que voltar a rede pois parou o serviço de algumas pessoas.
gostaria muito da ajuda de voces pois fiquei um pouco perdido ..nao consegui a achar o erro.
desde ja obriga e um grande abraço a todos.