Duvida com erros do squid

garona
(usa Debian)

Enviado em 10/04/2017 - 20:03h

Boa noite, estou tentando implementar um squid como cache pro windows update, porem obtive os seguintes erros, gostaria de saber como resolve-los, sou iniciante,:
2017/04/10 18:54:32| /etc/squid3/squid.conf:7665 unrecognized: 'memory_repla/cement_policy'
2017/04/10 18:54:32| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2017/04/10 18:54:32| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2017/04/10 18:54:32| WARNING: You should probably remove '::/0' from the ACL named 'all'
2017/04/10 18:54:32| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2017/04/10 18:54:32| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2017/04/10 18:54:32| WARNING: For now we will assume you meant to write /32
2017/04/10 18:54:32| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2017/04/10 18:54:32| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2017/04/10 18:54:32| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2017/04/10 18:54:32| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2017/04/10 18:54:32| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2017/04/10 18:54:32| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/download not found
2017/04/10 18:54:32| Warning: empty ACL: acl download urlpath_regex "/etc/squid/conf/download"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/malware_block_list not found
2017/04/10 18:54:32| Warning: empty ACL: acl malware_block_list url_regex -i "/etc/squid/conf/malware_block_list"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sistema_direto not found
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sistema_direto not found
2017/04/10 18:54:32| Warning: empty ACL: acl sistema_direto_no_cache url_regex -i "/etc/squid/conf/sistema_direto"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sites_bloqueados not found
2017/04/10 18:54:32| Warning: empty ACL: acl bloqueados url_regex -i "/etc/squid/conf/sites_bloqueados"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sites_liberados not found
2017/04/10 18:54:32| Warning: empty ACL: acl liberados url_regex -i "/etc/squid/conf/sites_liberados"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/ips_admin not found
2017/04/10 18:54:32| Warning: empty ACL: acl admin src "/etc/squid/conf/ips_admin"
2017/04/10 18:54:32| ACL not found: lan
FATAL: Bungled /etc/squid3/squid.conf line 7732: http_access allow lan liberados
Squid Cache (Version 3.4.8): Terminated abnormally.
CPU Usage: 0.008 seconds = 0.007 user + 0.001 sys
Maximum Resident Size: 22896 KB
Page faults with physical i/o: 0

ismabsd
(usa FreeBSD)

Enviado em 10/04/2017 - 21:48h

Olá Garona, alguns erros estão ocorrendo porque o squid não está encontrando as ACL, nas linhas que esta com o not found
verifique se os arquivos estão em /etc/squid/conf. Poste também o seu arquivo de configuração squid.conf.

2017/04/10 18:54:32| /etc/squid3/squid.conf:7665 unrecognized: 'memory_repla/cement_policy'
2017/04/10 18:54:32| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2017/04/10 18:54:32| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2017/04/10 18:54:32| WARNING: You should probably remove '::/0' from the ACL named 'all'
2017/04/10 18:54:32| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2017/04/10 18:54:32| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2017/04/10 18:54:32| WARNING: For now we will assume you meant to write /32
2017/04/10 18:54:32| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2017/04/10 18:54:32| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2017/04/10 18:54:32| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2017/04/10 18:54:32| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2017/04/10 18:54:32| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2017/04/10 18:54:32| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/download not found
2017/04/10 18:54:32| Warning: empty ACL: acl download urlpath_regex "/etc/squid/conf/download"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/malware_block_list not found
2017/04/10 18:54:32| Warning: empty ACL: acl malware_block_list url_regex -i "/etc/squid/conf/malware_block_list"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sistema_direto not found
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sistema_direto not found
2017/04/10 18:54:32| Warning: empty ACL: acl sistema_direto_no_cache url_regex -i "/etc/squid/conf/sistema_direto"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sites_bloqueados not found
2017/04/10 18:54:32| Warning: empty ACL: acl bloqueados url_regex -i "/etc/squid/conf/sites_bloqueados"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/sites_liberados not found
2017/04/10 18:54:32| Warning: empty ACL: acl liberados url_regex -i "/etc/squid/conf/sites_liberados"
2017/04/10 18:54:32| strtokFile: /etc/squid/conf/ips_admin not found
2017/04/10 18:54:32| Warning: empty ACL: acl admin src "/etc/squid/conf/ips_admin"
2017/04/10 18:54:32| ACL not found: lan
FATAL: Bungled /etc/squid3/squid.conf line 7732: http_access allow lan liberados
Squid Cache (Version 3.4.8): Terminated abnormally.
CPU Usage: 0.008 seconds = 0.007 user + 0.001 sys
Maximum Resident Size: 22896 KB
Page faults with physical i/o: 0

garona
(usa Debian)

Enviado em 11/04/2017 - 16:09h

Oi ismabsd, estava vacilando pois estou usando o squid3, e estava tentando salvar na pasta squid, feito isso ao executar o squid3 -z ainda obtive estes erros:
erros:

2017/04/11 15:08:55| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'

2017/04/11 15:08:55| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable

2017/04/11 15:08:55| WARNING: You should probably remove '::/0' from the ACL named 'all'

2017/04/11 15:08:55| WARNING: Netmasks are deprecated. Please use CIDR masks instead.

2017/04/11 15:08:55| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.

2017/04/11 15:08:55| WARNING: For now we will assume you meant to write /32

2017/04/11 15:08:55| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'

2017/04/11 15:08:55| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable

2017/04/11 15:08:55| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'

2017/04/11 15:08:55| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'

2017/04/11 15:08:55| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable

2017/04/11 15:08:55| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'

2017/04/11 15:08:55| Warning: empty ACL: acl download urlpath_regex "/etc/squid3/conf/download"

2017/04/11 15:08:55| Warning: empty ACL: acl malware_block_list url_regex -i "/etc/squid3/conf/malware_block_list"

2017/04/11 15:08:55| strtokFile: /etc/squid/conf/sistema_direto not found

2017/04/11 15:08:55| Warning: empty ACL: acl sistema_direto_no_cache url_regex -i "/etc/squid3/conf/sistema_direto"

2017/04/11 15:08:55| Warning: empty ACL: acl bloqueados url_regex -i "/etc/squid3/conf/sites_bloqueados"

2017/04/11 15:08:55| Warning: empty ACL: acl liberados url_regex -i "/etc/squid3/conf/sites_liberados"

2017/04/11 15:08:55| Warning: empty ACL: acl admin src "/etc/squid3/conf/ips_admin"

2017/04/11 15:08:55| ACL not found: lan

FATAL: Bungled /etc/squid3/squid.conf line 7732: http_access allow lan liberados

Squid Cache (Version 3.4.8): Terminated abnormally.

CPU Usage: 0.010 seconds = 0.006 user + 0.004 sys

Maximum Resident Size: 22880 KB

Page faults with physical i/o: 24

 

Segue o squid.conf:

# cache do Windows Update #

refresh_pattern windowsupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims

refresh_pattern download.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims

refresh_pattern www.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims

refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|dll|msi) 4320 100% 43200 reload-into-ims

# ----

cache_mem 256 MB

cache_swap_low 90

cache_swap_high 95

maximum_object_size 300 MB

maximum_object_size_in_memory 200 KB

minimum_object_size 0 KB

cache_replacement_policy lru

memory_replacement_policy lru

cache_dir ufs /var/spool/squid3 10000 16 256

cache_access_log /var/log/squid3/access.log

cache_log /var/log/squid3/cache.log

cache_store_log /var/log/squid3/store.log

pid_filename /var/run/squid3.pid

log_mime_hdrs on

hosts_file /etc/hosts

redirect_children 5

redirect_rewrites_host_header on

### ---

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?

no_cache deny QUERY

connect_timeout 180 seconds

request_timeout 40 seconds



acl all src all

acl gerencia proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl SSL_ports port 443 563

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 563 # https, snews

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT



http_access allow manager localhost

http_access deny manager

http_access deny !Safe_ports

http_access deny CONNECT !SSL_ports



#### Download Bloqueado

acl download urlpath_regex "/etc/squid3/conf/download"



# ---- BlockList atualizada no squid

acl malware_block_list url_regex -i "/etc/squid3/conf/malware_block_list"



# ---- Cache sistema Interno desabilitado ----

acl sistema_direto dstdomain "/etc/squid/conf/sistema_direto" always_direct

acl sistema_direto_no_cache url_regex -i "/etc/squid3/conf/sistema_direto"

cache deny sistema_direto_no_cache



# Arquivos de sites bloqueados e liberados

acl bloqueados url_regex -i "/etc/squid3/conf/sites_bloqueados"

acl liberados url_regex -i "/etc/squid3/conf/sites_liberados"



# Arquivo com IPs dos usuários com acesso liberado

acl admin src "/etc/squid3/conf/ips_admin"



### --- Início de liberação/bloqueio de acessos

# Usuários com acesso liberado N~CO tem acesso aos sites bloqueados

http_access deny malware_block_list

http_access deny bloqueados

http_access deny download

http_access allow admin

http_access allow sistema_direto





# Libera acesso para a rede somente para os sites liberados

http_access allow lan liberados

http_access allow download





# E-mail do administrador

cache_mgr meuemail@email.com.br



# Proxy transparente

http_port 3128 transparent



# Logs

cache_access_log /var/log/squid3/access.log

error_directory /usr/share/squid3/errors/Portuguese

#Default:

# Let operating system decide.



                                                                                                                                     7747,0-1      Bot





acl all src all

acl gerencia proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

                                                                                                                                     7640,1        99%

 

removido
(usa Nenhuma)

Enviado em 11/04/2017 - 18:05h

Analise com calma. A resposta está no log.

2017/04/11 15:08:55| strtokFile: /etc/squid/conf/sistema_direto not found
2017/04/11 15:08:55| ACL not found: lan
FATAL: Bungled /etc/squid3/squid.conf line 7732: http_access allow lan liberados

garona
(usa Debian)

Enviado em 11/04/2017 - 18:57h

Boa noit amarildosertorio , analisei e corrigi o maximo que podia, porém agora estou com somente mais alguns erros, porém continuo com estes erros:

2017/04/11 17:54:59| WARNING: (A) '0.0.0.0' is a subnetwork of (B) '::/0'

2017/04/11 17:54:59| WARNING: because of this '0.0.0.0' is ignored to keep splay tree searching predictable

2017/04/11 17:54:59| WARNING: You should probably remove '0.0.0.0' from the ACL named 'all'

 

tentei apontar pra internet mesmo, seria isso mesmo, certo? ou teria que apontar essa ACL para outro lugar? estou somente testando um server com squid, para uma implantação futura, sempre tive curiosidade de mexer a agora estou tendo a oportunidade, então se tiver muitas duvidas de iniciante peço desculpa.
fico no aguardo, obrigado.

removido
(usa Nenhuma)

Enviado em 11/04/2017 - 22:29h

Tente pesquisar os alertas aqui no VoL e documentação oficial.

https://www.vivaolinux.com.br/topico/Squid-Iptables/squid3-nao-funciona