Página 3 de 4 PrimeiroPrimeiro 1234 ÚltimoÚltimo
+ Responder ao Tópico




  1. Olá, resolvi configurar outro proxy com fedora 9+squid3.0+iptables.

    o iptables e samba iniciam certinho, porem o squid nao inicializa apreentando a seguinte mensagem:
    {root@TEste_proxy ~]#service squid start
    2008/08/06 08:40:42| Processing Configuration File: /etc/squid/squid.conf(depth0)
    2008/08/06 08:40:42| Starting Authentication on port 0.0.0.0:14348
    2008/08/06 08:40:42| Disabling Authentication on port 0.0.0.0:14348(interception enabled)
    2008/08/06 08:40:42| Initializing https proxy context
    Iniciando o squid: ………………………………. [FALHOU]
    {root@TEste_proxy ~]#

    SQUID.conf

    http_port 3128 transparent accel vhost vport

    cache_mem 64 MB
    cache_swap_low 90
    cache_swap_high 95
    cache_dir ufs /var/squid/cache 1000 16 256

    maximum_object_size_in_memory 64 KB
    minimum_object_size 0 KB
    maximum_object_size 4096 MB
    cache_access_log /var/squid/access.log
    error_directory /usr/share/squid/errors/Portuguese
    ftp_user Squid@

    auth_param ntlm program /usr/lib64/squid/ntlm_auth
    auth_param ntlm children 5
    acl webdav method PROPFIND TRACE PURGE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK
    acl outlook url_regex "/etc/squid/listas/domoutlook"
    always_direct allow outlook
    always_direct allow webdav

    acl usuario proxy_auth REQUIRED
    acl update url_regex -i "/etc/squid/listas/update"
    acl baduser proxy_auth_regex -i "/etc/squid/listas/baduser"
    acl privusers proxy_auth_regex -i "/etc/squid/listas/privusers"
    acl TI proxy_auth_regex -i "/etc/squid/listas/ti"
    acl liberados url_regex "/etc/squid/listas/liberados"
    acl liberadownloads url_regex -i "/etc/squid/listas/liberadownloads"
    acl bloqueados url_regex "/etc/squid/listas/bloqueados"
    acl bloqoutros url_regex "/etc/squid/listas/bloqoutros"
    acl bloqgeral url_regex "/etc/squid/listas/bloqgeral"
    acl bloqdownloads url_regex -i "/etc/squid/listas/bloqdownloads"
    acl listabranca url_regex -i "/etc/squid/listas/listabranca"
    acl ipprivilegio src "/etc/squid/listas/ipprivilegio"


    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 8888 # http - Sodexhopass (Andre)
    acl Safe_ports port 82 # http - Saganet (Douglas)
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT

    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow ti

    # regras de downloads
    http_access allow liberadownloads
    http_access allow ipprivilegio !bloqgeral
    http_access deny bloqdownloads
    # regras usando as listas de sites
    http_access allow update
    http_access deny baduser !listabranca
    http_access deny bloqgeral !liberados
    http_access deny bloqueados !liberados
    http_access allow privusers
    http_access deny bloqoutros !liberados
    http_access allow usuario !baduser
    http_access allow all
    icp_access allow all
    always_direct allow all
    visible_hostname on



    #IPTABLES
    #Estas linhas dever ser acrescentadas em algum arquivo ex.: /etc/rc.local
    #. /etc/rc.d/init.d/functions
    #. /etc/sysconfig/network

    # echo 1 > /proc/sys/net/ipv4/ip_forward
    # /sbin/modprobe iptable_nat
    # iptables -F
    # iptables -t nat -F
    # iptables -t nat -A PREROUTING -s 0/0 -p tcp --dport 80 -j REDIRECT --to-port 3128
    # iptables -t nat -A PREROUTING -s 0/0 -p udp --dport 80 -j REDIRECT --to-port 3128
    # iptables -t nat -A POSTROUTING -s 0/0 -o eth1 -j MASQUERADE

    #IPTABLES
    #Estas linhas dever� ser acrescentadas em algum arquivo ex.: /etc/rc.local
    /etc/rc.d/init.d/functions
    /etc/sysconfig/network

    echo 1 > /proc/sys/net/ipv4/ip_forward
    /sbin/modprobe iptable_nat
    iptables -F
    iptables -t nat -F

    ##REDIRECIONA PORTA 8080 PARA 3128

    iptables -t nat -A PREROUTING -s 0/0 -p tcp --dport 80 -j REDIRECT --to-port 3128
    iptables -t nat -A PREROUTING -s 0/0 -p udp --dport 80 -j REDIRECT --to-port 3128
    iptables -t nat -A POSTROUTING -s 0/0 -o eth0 -j MASQUERADE


    ##LIBERANDO PORTAS DO OUTLOOK
    iptables -I FORWARD -s 10.X.X.X/24 -p tcp --dport 25 -j ACCEPT
    iptables -I FORWARD -s 10.X.X.X/24 -p tcp --dport 110 -j ACCEPT
    ##FIM LIBERA PORTAS OUTLOOK

    ##BLOQUEIO DE MSN
    iptables -A FORWARD -s 10.X.X.0/24 -p tcp --dport 1863 -j REJECT
    iptables -A FORWARD -s 10.X.X.0/24 -d loginnet.passport.com -j REJECT

    ##BLOQUEI COMPUTADOR POR IP
    iptables -A INPUT -s 10.X.X.X -j DROP
    ##FIM REGRA

    # Liberando Porta 554 - Radios Web
    #$IPTABLES -A FORWARD -s 10.X.X.X/24 -p tcp --dport 554 -j ACCEPT -> IDA
    #$IPTABLES -A FORWARD -d 10.X.X.X/24 -p tcp --sport 554 -j ACCEPT <- VOLTA

    ##LIBERA PORTA PARA SANTA INES
    $iptables -t nat -A POSTROUTING -s 10.X.X.X/24 -p tcp --dport 3389 -j MASQUERADE
    ##LIBERA PORTA PARA ACESSO REMOTO
    $iptables -t nat -A POSTROUTING -s 10.X.X.X/24 -p tcp --dport 7024 -j MASQUERADE

    #Scripts para iniciar Samba e Winbind
    /etc/init.d/smb start
    /etc/init.d/winbind start
    #Script para iniciar squid
    /usr/sbin/squid

  2. seria bom dar uma lida no manual....


    http_port 3128 transparent accel vhost vport

    ta errado..

    tenta so com

    http_port 3128 transparent



  3. eu coloque http_port 3128 transparent

    Porem a menssagem é a mesma e o squid nao inicializa.

    Ja fiz testes colocando somente configuraçoes basicas, mesmo assim o squid nao inicializa.


    alguma sugestao?

  4. o que diz no /var/log/squid/cache.log ?



  5. Segue o cache.log



    2008/08/06 11:41:30| Adding domain aparecida.icflab.com.br from /etc/resolv.conf
    2008/08/06 11:41:30| Adding nameserver 201.10.128.3 from /etc/resolv.conf
    2008/08/06 11:41:30| Adding nameserver 201.10.120.3 from /etc/resolv.conf
    2008/08/06 11:41:30| Adding nameserver 10.14.2.2 from /etc/resolv.conf
    2008/08/06 11:41:30| User-Agent logging is disabled.
    2008/08/06 11:41:30| Referer logging is disabled.
    2008/08/06 11:41:30| Unlinkd pipe opened on FD 12
    2008/08/06 11:41:30| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
    2008/08/06 11:41:30| Swap maxSize 1024000 KB, estimated 78769 objects
    2008/08/06 11:41:30| Target number of buckets: 3938
    2008/08/06 11:41:30| Using 8192 Store buckets
    2008/08/06 11:41:30| Max Mem size: 65536 KB
    2008/08/06 11:41:30| Max Swap size: 1024000 KB
    2008/08/06 11:41:31| /var/squid/cache/swap.state: (13) Permission denied
    FATAL: commonUfsDirOpenSwapLog: Failed to open swap log.
    Squid Cache (Version 3.0.STABLE7): Terminated abnormally.
    CPU Usage: 0.035 seconds = 0.022 user + 0.013 sys
    Maximum Resident Size: 0 KB
    Page faults with physical i/o: 0
    2008/08/06 11:41:34| Starting Squid Cache version 3.0.STABLE7 for x86_64-redhat-linux-gnu...
    2008/08/06 11:41:34| Process ID 9159
    2008/08/06 11:41:34| With 1024 file descriptors available
    2008/08/06 11:41:34| DNS Socket created at 0.0.0.0, port 52330, FD 7
    2008/08/06 11:41:34| Adding domain aparecida.icflab.com.br from /etc/resolv.conf
    2008/08/06 11:41:34| Adding nameserver 201.10.128.3 from /etc/resolv.conf
    2008/08/06 11:41:34| Adding nameserver 201.10.120.3 from /etc/resolv.conf
    2008/08/06 11:41:34| Adding nameserver 10.14.2.2 from /etc/resolv.conf
    2008/08/06 11:41:34| User-Agent logging is disabled.
    2008/08/06 11:41:34| Referer logging is disabled.
    2008/08/06 11:41:34| Unlinkd pipe opened on FD 12
    2008/08/06 11:41:34| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
    2008/08/06 11:41:34| Swap maxSize 1024000 KB, estimated 78769 objects
    2008/08/06 11:41:34| Target number of buckets: 3938
    2008/08/06 11:41:34| Using 8192 Store buckets
    2008/08/06 11:41:34| Max Mem size: 65536 KB
    2008/08/06 11:41:34| Max Swap size: 1024000 KB
    2008/08/06 11:41:34| /var/squid/cache/swap.state: (13) Permission denied
    FATAL: commonUfsDirOpenSwapLog: Failed to open swap log.
    Squid Cache (Version 3.0.STABLE7): Terminated abnormally.
    CPU Usage: 0.032 seconds = 0.024 user + 0.008 sys
    Maximum Resident Size: 0 KB
    Page faults with physical i/o: 0
    2008/08/06 11:43:44| Starting Squid Cache version 3.0.STABLE7 for x86_64-redhat-linux-gnu...
    2008/08/06 11:43:44| Process ID 9176
    2008/08/06 11:43:44| With 1024 file descriptors available
    2008/08/06 11:43:44| Performing DNS Tests...
    2008/08/06 11:43:44| Successful DNS name lookup tests...
    2008/08/06 11:43:44| DNS Socket created at 0.0.0.0, port 56340, FD 7
    2008/08/06 11:43:44| Adding domain aparecida.icflab.com.br from /etc/resolv.conf
    2008/08/06 11:43:44| Adding nameserver 201.10.128.3 from /etc/resolv.conf
    2008/08/06 11:43:44| Adding nameserver 201.10.120.3 from /etc/resolv.conf
    2008/08/06 11:43:44| Adding nameserver 10.14.2.2 from /etc/resolv.conf
    2008/08/06 11:43:44| User-Agent logging is disabled.
    2008/08/06 11:43:44| Referer logging is disabled.
    2008/08/06 11:43:44| Unlinkd pipe opened on FD 12
    2008/08/06 11:43:44| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
    2008/08/06 11:43:44| Swap maxSize 1024000 KB, estimated 78769 objects
    2008/08/06 11:43:44| Target number of buckets: 3938
    2008/08/06 11:43:44| Using 8192 Store buckets
    2008/08/06 11:43:44| Max Mem size: 65536 KB
    2008/08/06 11:43:44| Max Swap size: 1024000 KB
    2008/08/06 11:43:44| Rebuilding storage in /var/squid/cache (DIRTY)
    2008/08/06 11:43:44| Using Least Load store dir selection
    2008/08/06 11:43:44| Current Directory is /etc/rc.d/init.d
    2008/08/06 11:43:44| Loaded Icons.
    2008/08/06 11:43:44| Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 13.
    2008/08/06 11:43:44| HTCP Disabled.
    2008/08/06 11:43:44| Ready to serve requests.
    2008/08/06 11:43:46| Done scanning /var/squid/cache swaplog (0 entries)
    2008/08/06 11:43:46| Finished rebuilding storage from disk.
    2008/08/06 11:43:46| 0 Entries scanned
    2008/08/06 11:43:46| 0 Invalid entries.
    2008/08/06 11:43:46| 0 With invalid flags.
    2008/08/06 11:43:46| 0 Objects loaded.
    2008/08/06 11:43:46| 0 Objects expired.
    2008/08/06 11:43:46| 0 Objects cancelled.
    2008/08/06 11:43:46| 0 Duplicate URLs purged.
    2008/08/06 11:43:46| 0 Swapfile clashes avoided.
    2008/08/06 11:43:46| Took 1.79 seconds ( 0.00 objects/sec).
    2008/08/06 11:43:46| Beginning Validation Procedure
    2008/08/06 11:43:46| Completed Validation Procedure
    2008/08/06 11:43:46| Validated 25 Entries
    2008/08/06 11:43:46| store_swap_size = 0
    2008/08/06 11:43:46| storeLateRelease: released 0 objects
    Agradeço a ajuda....






Tópicos Similares

  1. Avast não atualiza através de squid transparente
    Por arium no fórum Servidores de Rede
    Respostas: 9
    Último Post: 11-07-2008, 12:53
  2. Respostas: 0
    Último Post: 27-10-2007, 09:23
  3. Conectividade Social Através de Proxy Transparente no Suse 9.3
    Por elcinfo no fórum Sistemas Operacionais
    Respostas: 3
    Último Post: 12-03-2006, 08:42
  4. Windows 2003 Server não Acessa o Samba
    Por alexmendes no fórum Servidores de Rede
    Respostas: 1
    Último Post: 07-12-2004, 02:09

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L