+ Responder ao Tópico



  1. #1

    Padrão dificuldade com web-cache

    pessoal desculpe pela iguinorancia...... mas tenho notado que meu web-pro nao tem funcionado ...ou funciona mas nao tem gravado no hd..... alguem poderia dar uma olhada em minhas configuraçaes para ver se esta tudo bm mesmo
    aprendi a fazer um looging e observar o que tenho no hd .....mas a pagina do log quando aponto para disk ....parece vazia ....isto esta me intrigando
    OBRIGADO A TODOS PELA PACIENCIA .....PAZ ......
    LEMBRE-SE DEUS ESTA NO COMANDO APESAR DAS DIFICULDADES DA NOSSA VIDA ...


    TErminal vt102 detected, using multiline input mode
    [[email protected]] > ip web
    [[email protected]] ip web-proxy> print
    enabled: yes
    src-address: 0.0.0.0
    port: 3128
    hostname: "proxy"
    transparent-proxy: yes
    parent-proxy: 0.0.0.0:0
    cache-administrator: "webmaster"
    max-object-size: 4096KiB
    cache-drive: system
    max-cache-size: 10485760KiB
    max-ram-cache-size: 98304KiB
    status: running
    reserved-for-cache: 10485760KiB
    reserved-for-ram-cache: 2048KiB
    [[email protected]] ip web-proxy> export
    # feb/09/2008 07:40:57 by RouterOS 2.9.27
    # software id = Z7IJ-KSN
    #
    / ip web-proxy
    set enabled=yes src-address=0.0.0.0 port=3128 hostname="proxy" \
    transparent-proxy=yes parent-proxy=0.0.0.0:0 \
    cache-administrator="webmaster" max-object-size=4096KiB cache-drive=system \
    max-cache-size=10485760KiB max-ram-cache-size=98304KiB
    / ip web-proxy access
    add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
    disabled=no
    add dst-port=23-25 action=deny comment="block telnet & spam e-mail relaying" \
    disabled=no
    add src-address=192.168.1.0/24 dst-port=80 \
    url="%2e%44%4c%4c/%73%70%2e%68%74%6d%6c" action=deny comment="" \
    disabled=no
    add src-address=192.168.1.0/24 dst-port=80 \
    url="%2e%64%6c%6c/%73%70%2e%68%74%6d%6c" action=deny comment="" \
    disabled=no
    add src-address=192.168.1.0/24 dst-port=80 \
    url="%31%2d%73%65%2e%63%6f%6d/%68%6f%6d%65%2e%68%74%6d%6c" action=deny \
    comment="" disabled=no
    add src-address=192.168.1.0/24 dst-port=80 url="%62%69%67%62%72%2e%63%63" \
    action=deny comment="" disabled=no
    add src-address=192.168.1.0/24 dst-port=80 url="%65%68%74%74%70%2e%63%63" \
    action=deny comment="" disabled=no
    add src-address=192.168.1.0/24 dst-port=80 url="%65%68%74%74%70%2e%63%63/" \
    action=deny comment="" disabled=no
    add src-address=192.168.1.0/24 dst-port=80 url="%6e%6b%76%64%2e%75%73" \
    action=deny comment="" disabled=no
    add src-address=192.168.10.0/24 dst-port=80 \
    url="%77%77%77%2e%63%6f%6f%6c%77%77%77%73%65%61%72%63%68%2e%63%6f%6d/%7a/%6\
    3/%78%31%2e%63%67%69%36%35%36%33%38%37" action=deny comment="" disabled=no
    add src-address=192.168.1.0/24 dst-port=80 \
    url="%77%77%77%2e%65%2d%66%69%6e%64%65%72%2e%63%63" action=deny comment="" \
    disabled=no
    add src-address=192.168.1.0/24 dst-port=80 url=".dll/index.htm" action=deny \
    comment="" disabled=no
    add src-address=192.168.1.0/24 dst-port=80 url=".dll/sp.htm" action=deny \
    comment="" disabled=no
    add url="http*globo*get_video*" action=allow comment="Globo BBB" disabled=no
    add url="http*globo*video*" action=allow comment="Globo BBB" disabled=no
    add url="http*youtube*get_video*" action=allow comment="youtube" disabled=no
    / ip web-proxy cache
    add url=":cgi-bin \\?" action=allow comment="don't cache dynamic http pages" \
    disabled=no
    add url=":cgi-bin \\?" action=allow comment="don't cache dynamic http pages" \
    disabled=no
    add url=":cgi-bin \\\\?" action=allow comment="no cache dynamic http pages" \
    disabled=no
    add url="https://" action=allow comment="no cache dynamic https pages" \
    disabled=no
    [[email protected]] ip web-proxy>
    .

  2. #2

    Padrão

    bom dia amigo, voce fez o redrecionamento da porta 80 para 3128?
    dstnat?



  3. #3

    Padrão

    olha acho ke voce esta certo as portas estao errado msm.. vou esperimentar mudalas para 80
    a regra dstnat eu nao tenho .......
    voce tem algun exemplo para mim aiiii..

  4. #4

    Smile

    Citação Postado originalmente por pedroso Ver Post
    olha acho ke voce esta certo as portas estao errado msm.. vou esperimentar mudalas para 80
    a regra dstnat eu nao tenho .......
    voce tem algun exemplo para mim aiiii..
    / ip firewall nat add chain=dstnat in-interface=b8c3 dst-address=!200.201.174.0/24 protocol=tcp dst-port=80 action=redirect to-ports=3128 \
    comment="" disabled=yes

    regras de return (tirando sites por fora do proxy)

    / ip firewall nat add chain=dstnat dst-address=200.201.173.0/24 action=return comment="" disabled=yes
    / ip firewall nat add chain=dstnat dst-address=200.201.166.0/24 action=return comment="" disabled=yes
    / ip firewall nat add chain=dstnat dst-address=72.14.207.0/24 action=return comment="" disabled=yes
    / ip firewall nat add chain=dstnat dst-address=200.202.228.36 action=return comment="" disabled=yes
    / ip firewall nat add chain=dstnat dst-address=200.222.115.0/24 action=return comment="" disabled=yes