to testando um servidor com squid/iptables/sarg, instalano no Kubuntu...
ta tudo funcionando certinho, aqui onde eu estou tem 3 maquinas usando o servidor proxy.
então creio eu que no relatorio deveria estar apenas essas 3 maquinas, porem na primeira pagina
me mostra uma porrada de endereços externos, tipo 200.x.x.x.x. como se fossem maquinas que acessaram a internet pelo meu proxy, e dentro desses links me mostram outros endereços de ip
com o status DENIED.
alguem já passou por isso??
==========================
http_port 192.168.0.60:3128
error_directory /usr/share/squid/errors/Portuguese
cache_dir ufs /var/spool/squid/ 100 16 256
hierarchy_stoplist cgi-bin
acl QUERY urlpath_regex cgi-bin
no_cache deny QUERY
cache_mem 32 MB
cache_access_log /var/log/squid/access.log
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl rede_interna src 192.168.0.0/24
acl proibidos url_regex -i "/etc/squid/proibidos"
http_access deny proibidos
http_access allow rede_interna
http_access deny all
icp_access allow rede_interna
cache_mgr [email protected]
visible_hostname Servidor_Linux_Squid/Iptables_Kubuntu
logfile_rotate 10
#======================================
#Sarg.conf
#======================================
language Portuguese
access_log /var/log/squid/access.log
title "Squid - Relatorio de Acessos a internet"
font_face Tahoma,Verdana,Arial
header_color darkblue
header_bgcolor blanchedalmond
font_size 15px
background_color white
text_color #000000
text_bgcolor lavender
title_color green
temporary_dir /tmp
output_dir /var/www/squid-reports
resolve_ip yes
user_ip no
topuser_sort_field BYTES reverse
user_sort_field BYTES reverse
exclude_users /etc/squid/sarg.users
exclude_hosts /etc/squid/sarg.hosts
date_format e
lastlog 0
remove_temp_files yes
index yes
index_tree file
overwrite_report yes
records_without_userid ip
use_comma yes
mail_utility mailx
topsites_num 100
topsites_sort_order CONNECT D
index_sort_order D
exclude_codes /etc/squid/sarg.exclude_codes
max_elapsed 28800000
downloads
report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads
usertab /etc/squid/sarg.usertab
long_url no
date_time_by bytes
charset Latin1
show_read_statistics no
topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE
topuser_num 0
site_user_time_date_type table
download_suffix "zip,arj,bzip,gz,ace,doc,iso,adt,bin,cab,com,dot,drv$,lha,lzh,mdb,mso,ppt,rtf,src,shs,sys,exe,dll,mp3,avi,mpg,mpeg"
#======================================
agradeço desde já!