Squid parou de bloquear do nada... o q pode ser? squid.conf

[halley]

Então amigos, antes funcionava na boa e tal, eu apenas adicionei o tcp_outgoing do ips_link3 e lá eh baixo o http_access allow ips_link3...

antes funcionava, agora parou do nada, ta tudo liberado pra todo mundo.

alguem tem alguma ideia do que pode ser?

abraçosss

Código :

http_port 192.168.0.30:3128
visible_hostname squid.xxx.com.br
cache_effective_user proxy
cache_effective_group proxy
cache_log /var/log/squid/cache.log
cache_access_log /var/log/squid/access.log
cache_mem 2048 MB
cache_dir diskd /var/spool/squid 30000 64 256 Q1=64 Q2=72
cache_store_log none
maximum_object_size 1024 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 100 KB
range_offset_limit -1
quick_abort_min -1
cache_swap_low 90
cache_swap_high 95
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
max_filedesc 4096
snmp_port 3401
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
no_cache deny QUERY
pipeline_prefetch on
detect_broken_pconn on
half_closed_clients off 
# ACL GERAIS ANTES
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl webserver src 192.168.0.50/255.255.255.255
http_access allow manager webserver
http_access deny manager
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
 
auth_param ntlm program /usr/bin/ntlm_auth = Pxxxx/pcxxx.xxx.com.br --helper-protocol=squid-2.5-ntlmssp
auth_param basic program /usr/bin/ntlm_auth Pxxx/xxx04.xxxx.com.br --helper-protocol=squid-2.5-basic
auth_param basic children 50
auth_param ntlm children 50
auth_param ntlm keep_alive on
auth_param basic credentialsttl 4 years
auth_param basic realm Proxy Server
append_domain .xxx.com.br.
 
refresh_pattern ^ftp:          1440 20%     10080
refresh_pattern ^gopher:         1440 0%     1440
refresh_pattern .            0     20%   4320
 
# ACL Gerais
acl SSL_ports port 443 563
acl Safe_ports port 80        # http
acl Safe_ports port 20 21        # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70        # gopher
acl Safe_ports port 210       # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280       # http-mgmt
acl Safe_ports port 488       # gss-http
acl Safe_ports port 591       # filemaker
acl Safe_ports port 777       # multiling http
acl Safe_ports port 7071       # zimbra
acl Safe_ports port 8180
acl Safe_ports port 3128
acl Safe_ports port 2002       # logmein
acl Safe_ports port 10000       # zimbra
acl Safe_ports port 4845      # partypoker
acl CONNECT method CONNECT
acl acesso proxy_auth REQUIRED # Solicitando a autenticação
 
# BLOQUEIO DE SITES POR EXTENSAO
 
acl msnblock dstdomain "/etc/squid/controle/msnblock"
acl blacklist dstdomain "/etc/squid/controle/blacklist"
acl extensoes url_regex "/etc/squid/controle/extensoes"
acl exe_liberados urlpath_regex -i "/etc/squid/controle/exe_liberados"
 
# ACL CONTROLE DO AD
 
external_acl_type nt_group ttl=2600 children=600 %LOGIN /usr/lib64/squid/wbinfo_group.pl
acl UserPadrao external nt_group userpadrao
acl UserAdmin external nt_group adminnet
acl UserMsn external nt_group msnallow
acl UserAdmti external nt_group admti
 
# ACL DIRECIONAMENTO DE LINK
 
acl ips_link3 src "/etc/ips.link3"
tcp_outgoing_address 201.0.0.3 ips_link3
 
acl ips_link2 src "/etc/ips.link2"
tcp_outgoing_address 200.0.0.0.2 ips_link2
 
acl ips_link1 src "/etc/ips.link1"
tcp_outgoing_address 200.0.0.0.1 ips_link1
 
# ACL Padroes
http_access allow !Safe_ports
http_access allow CONNECT !SSL_ports
 
#ACL BLOCK PALAVRAS
acl blockpalavra url_regex -i "/etc/squid/controle/palavrablock"
 
#ACL SITES LIBERADOS
 
acl liberasite dstdomain -i "/etc/squid/controle/sitesliberados"
 
# ACL BLOCK MSN
acl MSN url_regex -i /gateway/gateway.dll
 
# ACL LIBERA FTP
acl ftp proto FTP
acl ftp2 port 21
 
# ACL Libera google earth
acl ge dstdomain .google.com
 
# Sites que nao passam pelo cache
acl semcache urlpath_regex "/etc/squid/controle/nocache" \?
 
# ACL arrumar erro 407
acl post method POST
 
# Windows Update em Cache
refresh_pattern windowsupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern www.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|dll|msi) 4320 100% 43200 reload-into-ims
 
 
acl BLOCKTALK url_regex -i mail.google.com/mail/channel/bind
 
# Acesso ACL Personalizada
http_access allow post
http_access allow liberasite 
http_access allow ftp
http_access allow ftp2
http_access allow exe_liberados
no_cache deny semcache 
always_direct allow ge
http_access deny UserPadrao MSN BLOCKTALK
http_access deny UserPadrao msnblock
http_access deny UserPadrao blacklist
http_access deny UserPadrao blockpalavra
http_access deny UserMsn extensoes
http_access deny UserPadrao extensoes
http_access deny UserAdmin extensoes
http_access deny UserPadrao BLOCKTALK 
http_access allow UserMsn msnblock 
http_access deny UserMsn blacklist
http_access deny UserMsn blockpalavra
http_access allow ips_link1
http_access allow ips_link2
http_access allow ips_link3
http_access deny all
coredump_dir /var/spool/squid
error_directory /usr/share/squid/errors/Portuguese
# debug_options ALL,2