+ Responder ao Tópico



  1. #1

    Padrão squid 2.7 nao navega

    ola amigos estou com uma rb750g com mk v.4.11 e o thunder 3.1, estou com um problema o squid nao esta navegando quando eu abilito a regra no firewall, mas o thunder esta funcionando blz coloco um link de um video do youtube e ele abre a armazena o video so que o squid nao abre paginas ele registra la no relatorio as paginas que tentei abrir mas nao abre elas no navegador nao sei o que pode estar errado.

  2. #2

    Padrão Re: squid 2.7 nao navega

    Porque vc não usa a versão 6 do Thunder ?
    Cara simplismente falar que não funciona, fica dificil o pessoal saber o que está acontecendo.
    Passe as regras, logs de erro(se tiver) ...etc a galera precisa entender seu ambiente pra poder te ajudar

  3. #3

    Padrão Re: squid 2.7 nao navega

    meu amigo sou novo em cache full e em mk, por isso conto com a ajuda de vcs,
    e enquanto a usar o thunder 6 ja tinha baixado um tutotial do 3.1 com o lusca resolvi testar esse mesmo mas derrepende posso testar 6 que deve ser melhor. bom vou passar para vcs as minhas configuraçoes.


    squid.conf

    http_port 3128 transparent
    icp_port 0
    cache_replacement_policy heap LFUDA
    cache_dir aufs /cache/squid 980000 128 128
    memory_replacement_policy heap GDSF
    cache_mem 512 MB
    maximum_object_size 80 MB
    minimum_object_size 2 KB
    maximum_object_size_in_memory 16 KB
    cache_swap_low 90
    cache_swap_high 95
    ipcache_size 1024
    fqdncache_size 1024
    ipcache_low 90
    ipcache_high 95
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    mime_table /etc/squid/mime.conf
    pid_filename /var/run/proxy.pid
    debug_options ALL,1
    log_fqdn off
    refresh_pattern ^ftp: 15 20% 2280
    refresh_pattern ^gopher: 15 0% 2280
    refresh_pattern . 15 20% 2280
    acl all src 0.0.0.0/0
    acl redeinterna src 0.0.0.0/0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443 563 82
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    acl thunder_lst url_regex -i "/etc/thunder/thunder.lst"
    cache deny thunder_lst
    cache_peer 192.200.10.2 parent 8080 0 proxy-only no-digest
    dead_peer_timeout 2 seconds
    cache_peer_access 192.200.10.2 allow thunder_lst
    cache_peer_access 192.200.10.2 deny all
    http_access allow manager localhost
    http_access allow redeinterna
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    cache_mgr localhost
    cache_effective_user squid
    cache_effective_group squid
    visible_hostname lusca
    dns_testnames registro.br
    cache_log /var/log/squid/cache.log
    cache_store_log /var/log/squid/store.log
    cache_access_log /var/log/squid/access.log
    zph_mode tos
    zph_local 0×08
    zph_parent 0
    zph_option 136
    visible_hostname localhost
    cache_mgr localhost
    pid_filename /var/run/proxy.pid
    cache_effective_user squid
    cache_effective_group squid


    Regras


    /ip firewall filter
    add action=accept chain=forward comment="Aceita thunder" disabled=no \
    src-address=192.200.10.0/30



    /ip firewall mangle
    add action=mark-connection chain=postrouting comment="THUNDER CACHE FULL =====\
    ==========================================================================\
    =======================" content="X-Cache: HIT from Thunder" disabled=no \
    new-connection-mark=thunder-connection passthrough=yes protocol=tcp \
    src-address=192.200.10.2
    add action=mark-packet chain=postrouting comment="" connection-mark=\
    thunder-connection disabled=no new-packet-mark=thunder-packs passthrough=\
    yes
    add action=mark-connection chain=postrouting comment="TOS 12==================\
    ==========================================================================\
    =========================" disabled=no dscp=12 new-connection-mark=\
    proxy-hits passthrough=yes protocol=tcp src-address=192.200.10.2
    add action=mark-packet chain=postrouting comment="" connection-mark=\
    proxy-hits disabled=no new-packet-mark=proxy-squid passthrough=yes


    /queue tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=8M name="T -cache_hits" packet-mark=proxy-squid parent=\
    global-out priority=4 queue=default
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=8M name=ThunderCache packet-mark=thunder-packs parent=\
    global-out priority=4 queue=default




    /ip firewall address-list
    add address=69.147.95.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=209.191.106.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=74.6.228.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=98.136.131.0/24 comment="\"\"\"\"YAHOO MAIL\"\"\"\"" disabled=no \
    list=nobalance
    add address=200.143.37.0/24 comment="\"\"\"\"WEBMOTORS\"\"\"\"" disabled=no \
    list=nobalance
    add address=65.54.0.0/16 comment=MSN1 disabled=no list=nobalance
    add address=207.46.0.0/16 comment=MSN2 disabled=no list=nobalance
    add address=64.4.0.0/16 comment=MSN3 disabled=no list=nobalance
    add address=200.143.0.0/16 comment=Pagdigital disabled=no list=nobalance
    add address=201.88.0.0/16 comment=f2b disabled=no list=nobalance
    add address=200.201.0.0/16 comment="caixa economica" disabled=no list=\
    nobalance
    add address=170.66.0.0/16 comment="bb do brasil" disabled=no list=nobalance
    add address=200.155.0.0/16 comment=bradesco disabled=no list=nobalance
    add address=200.196.0.0/16 comment=itau disabled=no list=nobalance
    add address=200.208.0.0/16 comment=sudameris disabled=no list=nobalance
    add address=200.220.0.0/16 comment=santander disabled=no list=nobalance
    add address=201.63.0.0/16 comment="wwws bradesco" disabled=no list=nobalance
    add address=65.55.0.0/16 comment=MSN4 disabled=no list=nobalance
    add address=74.52.0.0/16 comment="caixa economica" disabled=no list=nobalance
    add address=174.133.0.0/16 comment="caixa economica" disabled=no list=\
    nobalance
    add address=200.219.137.0/24 comment="" disabled=no list=nobalance
    add address=200.252.8.0/24 comment="" disabled=no list=nobalance
    add address=201.2.207.0/24 comment="" disabled=no list=nobalance
    add address=200.196.226.0/24 comment="" disabled=no list=nobalance
    add address=201.24.72.0/24 comment="" disabled=no list=nobalance
    add address=78.46.46.139 comment="" disabled=no list=nobalance


    /ip firewall nat
    add action=accept chain=dstnat comment=\
    "\"\"\"\"\"\"SERVI\C7OS NOBRES FORA DO PROXY\"\"\"\"\"\"" disabled=no \
    dst-address-list=nobalance dst-port=80 protocol=tcp


    /ip firewall nat
    add action=dst-nat chain=dstnat comment=\
    "\"\"\"\"\"\"REDIRECIONAMENTO PARA O SERVIDOR\"\"\"\"\"\"\"" disabled=yes \
    dst-port=85 protocol=tcp to-addresses=192.200.10.2 to-ports=8291


    /ip firewall nat
    add action=dst-nat chain=dstnat comment="Redirect Thunder" disabled=yes \
    dst-port=80 protocol=tcp src-address=10.0.0.0/24 to-addresses=\
    192.200.10.2 to-ports=3128



    aguardo.