- squid 2.7 nao navega
+ Responder ao Tópico
-
squid 2.7 nao navega
ola amigos estou com uma rb750g com mk v.4.11 e o thunder 3.1, estou com um problema o squid nao esta navegando quando eu abilito a regra no firewall, mas o thunder esta funcionando blz coloco um link de um video do youtube e ele abre a armazena o video so que o squid nao abre paginas ele registra la no relatorio as paginas que tentei abrir mas nao abre elas no navegador nao sei o que pode estar errado.
-
Re: squid 2.7 nao navega
Porque vc não usa a versão 6 do Thunder ?
Cara simplismente falar que não funciona, fica dificil o pessoal saber o que está acontecendo.
Passe as regras, logs de erro(se tiver) ...etc a galera precisa entender seu ambiente pra poder te ajudar
-
Re: squid 2.7 nao navega
meu amigo sou novo em cache full e em mk, por isso conto com a ajuda de vcs,
e enquanto a usar o thunder 6 ja tinha baixado um tutotial do 3.1 com o lusca resolvi testar esse mesmo mas derrepende posso testar 6 que deve ser melhor. bom vou passar para vcs as minhas configuraçoes.
squid.conf
http_port 3128 transparent
icp_port 0
cache_replacement_policy heap LFUDA
cache_dir aufs /cache/squid 980000 128 128
memory_replacement_policy heap GDSF
cache_mem 512 MB
maximum_object_size 80 MB
minimum_object_size 2 KB
maximum_object_size_in_memory 16 KB
cache_swap_low 90
cache_swap_high 95
ipcache_size 1024
fqdncache_size 1024
ipcache_low 90
ipcache_high 95
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
mime_table /etc/squid/mime.conf
pid_filename /var/run/proxy.pid
debug_options ALL,1
log_fqdn off
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
acl all src 0.0.0.0/0
acl redeinterna src 0.0.0.0/0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 82
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl thunder_lst url_regex -i "/etc/thunder/thunder.lst"
cache deny thunder_lst
cache_peer 192.200.10.2 parent 8080 0 proxy-only no-digest
dead_peer_timeout 2 seconds
cache_peer_access 192.200.10.2 allow thunder_lst
cache_peer_access 192.200.10.2 deny all
http_access allow manager localhost
http_access allow redeinterna
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
cache_mgr localhost
cache_effective_user squid
cache_effective_group squid
visible_hostname lusca
dns_testnames registro.br
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
cache_access_log /var/log/squid/access.log
zph_mode tos
zph_local 0×08
zph_parent 0
zph_option 136
visible_hostname localhost
cache_mgr localhost
pid_filename /var/run/proxy.pid
cache_effective_user squid
cache_effective_group squid
Regras
/ip firewall filter
add action=accept chain=forward comment="Aceita thunder" disabled=no \
src-address=192.200.10.0/30
/ip firewall mangle
add action=mark-connection chain=postrouting comment="THUNDER CACHE FULL =====\
==========================================================================\
=======================" content="X-Cache: HIT from Thunder" disabled=no \
new-connection-mark=thunder-connection passthrough=yes protocol=tcp \
src-address=192.200.10.2
add action=mark-packet chain=postrouting comment="" connection-mark=\
thunder-connection disabled=no new-packet-mark=thunder-packs passthrough=\
yes
add action=mark-connection chain=postrouting comment="TOS 12==================\
==========================================================================\
=========================" disabled=no dscp=12 new-connection-mark=\
proxy-hits passthrough=yes protocol=tcp src-address=192.200.10.2
add action=mark-packet chain=postrouting comment="" connection-mark=\
proxy-hits disabled=no new-packet-mark=proxy-squid passthrough=yes
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=8M name="T -cache_hits" packet-mark=proxy-squid parent=\
global-out priority=4 queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=8M name=ThunderCache packet-mark=thunder-packs parent=\
global-out priority=4 queue=default
/ip firewall address-list
add address=69.147.95.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=209.191.106.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=74.6.228.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=98.136.131.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
list=nobalance
add address=200.143.37.0/24 comment="\"\"\"\"WEBMOTORS\"\"\"\"" disabled=no \
list=nobalance
add address=65.54.0.0/16 comment=MSN1 disabled=no list=nobalance
add address=207.46.0.0/16 comment=MSN2 disabled=no list=nobalance
add address=64.4.0.0/16 comment=MSN3 disabled=no list=nobalance
add address=200.143.0.0/16 comment=Pagdigital disabled=no list=nobalance
add address=201.88.0.0/16 comment=f2b disabled=no list=nobalance
add address=200.201.0.0/16 comment="caixa economica" disabled=no list=\
nobalance
add address=170.66.0.0/16 comment="bb do brasil" disabled=no list=nobalance
add address=200.155.0.0/16 comment=bradesco disabled=no list=nobalance
add address=200.196.0.0/16 comment=itau disabled=no list=nobalance
add address=200.208.0.0/16 comment=sudameris disabled=no list=nobalance
add address=200.220.0.0/16 comment=santander disabled=no list=nobalance
add address=201.63.0.0/16 comment="wwws bradesco" disabled=no list=nobalance
add address=65.55.0.0/16 comment=MSN4 disabled=no list=nobalance
add address=74.52.0.0/16 comment="caixa economica" disabled=no list=nobalance
add address=174.133.0.0/16 comment="caixa economica" disabled=no list=\
nobalance
add address=200.219.137.0/24 comment="" disabled=no list=nobalance
add address=200.252.8.0/24 comment="" disabled=no list=nobalance
add address=201.2.207.0/24 comment="" disabled=no list=nobalance
add address=200.196.226.0/24 comment="" disabled=no list=nobalance
add address=201.24.72.0/24 comment="" disabled=no list=nobalance
add address=78.46.46.139 comment="" disabled=no list=nobalance
/ip firewall nat
add action=accept chain=dstnat comment=\
"\"\"\"\"\"\"SERVI\C7OS NOBRES FORA DO PROXY\"\"\"\"\"\"" disabled=no \
dst-address-list=nobalance dst-port=80 protocol=tcp
/ip firewall nat
add action=dst-nat chain=dstnat comment=\
"\"\"\"\"\"\"REDIRECIONAMENTO PARA O SERVIDOR\"\"\"\"\"\"\"" disabled=yes \
dst-port=85 protocol=tcp to-addresses=192.200.10.2 to-ports=8291
/ip firewall nat
add action=dst-nat chain=dstnat comment="Redirect Thunder" disabled=yes \
dst-port=80 protocol=tcp src-address=10.0.0.0/24 to-addresses=\
192.200.10.2 to-ports=3128
aguardo.