Página 2 de 2 PrimeiroPrimeiro 12
+ Responder ao Tópico



  1. #6
    Abutre
    Problema Resolvido

  2. Amigos...

    A opção que coloquei acima passa pelo proxy, mas libera o Ip de qualquer ação do proxy (bloqueio de sites, entre outros)... e funciona perfeitamente... tenho mais de 10 servers funcionando desta forma... bem aqui vai o squid.conf:

    (observer que o usuario peter com seu devido Ip estara livre do proxy)

    t+

    #

    http_port 10.42.42.1:8080
    icp_port 0

    #Para proxy transparente
    httpd_accel_host virtual
    httpd_accel_port 80
    httpd_accel_with_proxy on
    httpd_accel_uses_host_header on

    # htcp_port 4827
    # tcp_outgoing_address 255.255.255.255
    # udp_incoming_address 0.0.0.0
    # udp_outgoing_address 255.255.255.255

    # icp_query_timeout 0
    # maximum_icp_query_timeout 2000
    # mcast_icp_query_timeout 2000
    # dead_peer_timeout 10 seconds

    #hierarchy_stoplist cgi-bin ?
    #acl QUERY urlpath_regex cgi-bin \?
    #no_cache deny QUERY


    # OPTIONS WHICH AFFECT THE CACHE SIZE
    # -----------------------------------------------------------------------------

    cache_mem 256 MB
    # cache_swap_low 90
    # cache_swap_high 95
    maximum_object_size 4096 KB

    # minimum_object_size 0 KB
    # maximum_object_size_in_memory 8 KB
    # ipcache_size 1024
    # ipcache_low 90
    # ipcache_high 95
    # fqdncache_size 1024
    # cache_replacement_policy lru
    # memory_replacement_policy lru


    # LOGFILE PATHNAMES AND CACHE DIRECTORIES
    # -----------------------------------------------------------------------------

    cache_dir ufs /var/cache/squid 20000 16 256
    cache_access_log /var/log/squid/access.log
    cache_log /var/log/squid/cache.log
    cache_store_log none
    emulate_httpd_log on

    # log_ip_on_direct on
    # mime_table /etc/squid/mime.conf
    # log_mime_hdrs off
    # pid_filename /var/run/squid.pid
    # debug_options ALL,1
    # log_fqdn off
    # client_netmask 255.255.255.255


    # OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
    # -----------------------------------------------------------------------------

    # ftp_user Squid@
    # ftp_list_width 32
    # ftp_passive on
    # cache_dns_program /usr/lib/squid/
    # dns_children 5
    # dns_retransmit_interval 5 seconds
    # dns_timeout 5 minutes
    # dns_defnames off
    # diskd_program /usr/lib/squid/diskd
    # unlinkd_program /usr/lib/squid/unlinkd
    # pinger_program /usr/lib/squid/pinger
    # redirect_children 5
    # redirect_rewrites_host_header on
    # authenticate_children 5
    # authenticate_ttl 1 hour
    # authenticate_ip_ttl 0 seconds
    # authenticate_ip_ttl_is_strict on

    # OPTIONS FOR TUNING THE CACHE
    # -----------------------------------------------------------------------------

    # wais_relay_port 0
    # request_header_max_size 10 KB
    # request_body_max_size 1 MB
    # reply_body_max_size 0
    # refresh_pattern ^ftp: 1440 20% 10080
    # refresh_pattern ^gopher: 1440 0% 1440
    # refresh_pattern . 0 20% 4320
    # reference_age 1 year
    # quick_abort_min 16 KB
    # quick_abort_max 16 KB
    # quick_abort_pct 95
    # negative_ttl 5 minutes
    # positive_dns_ttl 6 hours
    # negative_dns_ttl 5 minutes
    # range_offset_limit 0 KB

    # TIMEOUTS
    # -----------------------------------------------------------------------------

    connect_timeout 2 minutes

    #peer_connect_timeout 30 seconds
    # siteselect_timeout 4 seconds
    # read_timeout 15 minutes
    #Default:
    # request_timeout 30 seconds
    #Default:
    # client_lifetime 1 day
    #Default:
    # half_closed_clients on
    #Default:
    # pconn_timeout 120 seconds
    #Default:
    # ident_timeout 10 seconds
    #Default:
    # shutdown_lifetime 30 seconds

    # ACCESS CONTROLS
    # -----------------------------------------------------------------------------

    #Recommended minimum configuration:
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT

    #ACL PROSERV NET

    acl proserv src 10.42.42.0/255.255.255.0
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports

    #REGRAS DO USUARIO

    # LIBERA O USUARIO PETER
    acl peter src 10.42.42.251
    http_access allow peter

    acl chatnet urlpath_regex chat
    http_access allow chatnet

    acl libera dstdomain "/usr/local/squid/etc/libera.txt"
    http_access allow libera all

    acl proibido url_regex "/usr/local/squid/etc/proibido.txt"
    http_access deny proibido all

    acl DOWN url_regex -i "/usr/local/squid/etc/down.txt"
    http_access deny DOWN all

    http_access allow proserv
    http_access deny all

    icp_access allow all
    miss_access allow all

    # proxy_auth_realm Squid proxy-caching web server
    # ident_lookup_access deny all

    # ADMINISTRATIVE PARAMETERS
    # -----------------------------------------------------------------------------

    cache_mgr luiz@proservnet.com.br
    cache_effective_user squid
    cache_effective_group squid
    visible_hostname localhost


    # HTTPD-ACCELERATOR OPTIONS
    # -----------------------------------------------------------------------------

    #Default:
    # httpd_accel_port 80
    # httpd_accel_single_host off
    # httpd_accel_with_proxy off
    # httpd_accel_uses_host_header off


    # logfile_rotate 10
    #Default:
    # tcp_recv_bufsize 0 bytes
    #Default:
    # forwarded_for on
    #Default:
    # log_icp_queries on
    #Default:
    # icp_hit_stale off
    #Default:
    # minimum_direct_hops 4
    #Default:
    # minimum_direct_rtt 400

    store_avg_object_size 13 KB

    #Default:
    # store_objects_per_bucket 20
    #Default:
    # netdb_low 900
    # netdb_high 1000
    #Default:
    # netdb_ping_period 5 minutes
    #Default:
    # query_icmp off
    #Default:
    # test_reachability off
    #Default:
    # buffered_logs off
    #Default:
    # reload_into_ims off
    #Default:
    # icon_directory /etc/squid/icons
    # error_directory /etc/squid/errors
    #Default:
    # minimum_retry_timeout 5 seconds
    # maximum_single_addr_tries 3
    # snmp_port 3401
    #Default:
    # snmp_access deny all

    #Default:
    # snmp_incoming_address 0.0.0.0
    # snmp_outgoing_address 255.255.255.255
    #Default:
    # as_whois_server whois.ra.net
    # as_whois_server whois.ra.net

    #Default:
    # wccp_router 0.0.0.0

    #Default:
    # wccp_version 4
    #Default:
    # wccp_incoming_address 0.0.0.0
    # wccp_outgoing_address 255.255.255.255






Tópicos Similares

  1. Liberar máquinas do proxy pelo mac
    Por lfernandosg no fórum Redes
    Respostas: 0
    Último Post: 10-06-2010, 13:59
  2. Liberar o msn no squid para 3 maquinas
    Por slaxpunk no fórum Servidores de Rede
    Respostas: 3
    Último Post: 07-08-2007, 09:11
  3. Liberar msn pelo o squid em algumas maquinas
    Por Xexel no fórum Servidores de Rede
    Respostas: 16
    Último Post: 18-11-2005, 09:12
  4. iptables - liberar algumas maquinas para o msn
    Por robotech no fórum Servidores de Rede
    Respostas: 10
    Último Post: 23-10-2004, 07:22
  5. liberar uma maquina do firewall
    Por daniell no fórum Servidores de Rede
    Respostas: 3
    Último Post: 24-05-2004, 15:18

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L