Erro no proxy [RESOLVIDO]

1. Erro no proxy [RESOLVIDO]

eduardo_jst
(usa Slackware)

Enviado em 17/11/2009 - 16:52h

Ola, estou configurando o squid, mas ele não sobe, veja o passo a passo fiz, alguem pode me ajudar?

# Dados do Squid
http_port 3128
visible_hostname Proxy.SQUID

# Configuracao do cache
cache_mem 64 MB
maximum_object_size_in_memory 128 KB
maximum_object_size 300 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/cache/squid 2048 16 256

#Mensagens de erro do Squid em Portugues
error_directory /etc/squid/pacote/usr/share/errors/Portuguese

# Localizacao do arquivo de log do Squid
cache_access_log /var/log/squid/access.log

# Atualizacao do Cache
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 20% 2280
refresh_pattern . 15 20% 22820

#IP's da rede local liberado tudo
#acl ip_liberado src "/etc/squid/ip_liberado"
#http_access allow ip_liberado

# Regras de bloqueio (o IP x somente tem acesso ao site y)
#acl site_restrito dstdomain "/etc/squid/site_restrito"
#acl ip_restrito src "/etc/squid/ip_restrito"
#http_access deny ip_restrito !site_restrito

#IP's da rede local bloqueados
#acl ip_negado src "/etc/squid/regras/ip_negado
#http_access deny ip_negado

# Regras de bloqueio de site ***por palavras
acl palavra url_regex -i "/etc/squid/regras/palavras_negadas"
http_access deny palavra

# Regras de bloqueio de site ***por url
acl site url_regex -i "/etc/squid/regras/sites_negados"
http_access deny site

#Bloqueio por download de arquivo
acl video1 url_regex -i \.avi
http_access deny video1

acl video2 url_regex -i \.wmv
http_access deny video2

acl video3 url_regex -i \.mpg
http_access deny video3

acl video4 url_regex -i \.rmvb
http_access deny video4

acl video5 url_regex -i \.mpeg
http_access deny video5

acl video6 url_regex -i \.mpe
http_access deny video6

acl video7 url_regex -i \.mov
http_access deny video7
acl mp3 url_regex -i \.mp3
http_access deny mp3

acl wav url_regex -i \.wav
http_access deny wav

# Regras de gerais
acl all src 0.0.0.0/0.0.0.0
http_access allow all
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 #http
acl Safe_ports port 21 #ftp
acl Safe_ports port 443 563 #https, news
acl Safe_ports port 70 #gopher
acl Safe_ports port 210 #wais
acl Safe_ports port 1025-65535 #unregistred ports
acl Safe_ports port 280 #http-mgmt
acl Safe_ports port 488 #gss-http
acl Safe_ports port 591 #filemaker
acl Safe_ports port 777 #multiling http
acl Safe_ports port 901 #swat
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

# Controle de uso de banda para a rede local
# delay_pools 1
# delay_class 1 2
# delay_parameters 1 114688/114688 16384/16384 #com a conexao de 1024 kbps
# delay_access 1 allow redelocal

# Libera para a rede local
acl redelocal src 10.2.115.0/24
http_access allow localhost
http_access allow redelocal

# Bloqueia acessos externos
http_access deny all

# Proxy transparente
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_uses_host_header on
httpd_accel_with_proxy on

# squid -z

2009/11/17 17:41:14| Warning: empty ACL: acl palavra url_regex -i "/etc/squid/regras/palavras_negadas"
2009/11/17 17:41:14| Warning: empty ACL: acl site url_regex -i "/etc/squid/regras/sites_negados"
2009/11/17 17:41:14| WARNING: '0.0.0.0/0.0.0.0' is a subnetwork of '0.0.0.0/0.0.0.0'
2009/11/17 17:41:14| WARNING: because of this '0.0.0.0/0.0.0.0' is ignored to keep splay tree searching predictable
2009/11/17 17:41:14| WARNING: You should probably remove '0.0.0.0/0.0.0.0' from the ACL named 'all'
2009/11/17 17:41:14| cache_cf.cc(346) squid.conf:124 unrecognized: 'httpd_accel_port'
2009/11/17 17:41:14| cache_cf.cc(346) squid.conf:125 unrecognized: 'httpd_accel_host'
2009/11/17 17:41:14| cache_cf.cc(346) squid.conf:126 unrecognized: 'httpd_accel_uses_host_header'
2009/11/17 17:41:14| cache_cf.cc(346) squid.conf:127 unrecognized: 'httpd_accel_with_proxy'
2009/11/17 17:41:14| Creating Swap Directories
2009/11/17 17:41:14| /var/cache/squid exists
2009/11/17 17:41:14| Making directories in /var/cache/squid/00
2009/11/17 17:41:14| Making directories in /var/cache/squid/01
2009/11/17 17:41:14| Making directories in /var/cache/squid/02
2009/11/17 17:41:14| Making directories in /var/cache/squid/03
2009/11/17 17:41:14| Making directories in /var/cache/squid/04
2009/11/17 17:41:15| Making directories in /var/cache/squid/05
2009/11/17 17:41:15| Making directories in /var/cache/squid/06
2009/11/17 17:41:15| Making directories in /var/cache/squid/07
2009/11/17 17:41:15| Making directories in /var/cache/squid/08
2009/11/17 17:41:15| Making directories in /var/cache/squid/09
2009/11/17 17:41:15| Making directories in /var/cache/squid/0A
2009/11/17 17:41:15| Making directories in /var/cache/squid/0B
2009/11/17 17:41:15| Making directories in /var/cache/squid/0C
2009/11/17 17:41:15| Making directories in /var/cache/squid/0D
2009/11/17 17:41:15| Making directories in /var/cache/squid/0E
2009/11/17 17:41:15| Making directories in /var/cache/squid/0F

root@cpdserver:~# /etc/rc.d/rc.squid start
Squid: 2009/11/17 17:46:16| Warning: empty ACL: acl palavra url_regex -i "/etc/squid/regras/palavras_negadas"
2009/11/17 17:46:16| Warning: empty ACL: acl site url_regex -i "/etc/squid/regras/sites_negados"
2009/11/17 17:46:16| WARNING: '0.0.0.0/0.0.0.0' is a subnetwork of '0.0.0.0/0.0.0.0'
2009/11/17 17:46:16| WARNING: because of this '0.0.0.0/0.0.0.0' is ignored to keep splay tree searching predictable
2009/11/17 17:46:16| WARNING: You should probably remove '0.0.0.0/0.0.0.0' from the ACL named 'all'
2009/11/17 17:46:16| cache_cf.cc(346) squid.conf:124 unrecognized: 'httpd_accel_port'
2009/11/17 17:46:16| cache_cf.cc(346) squid.conf:125 unrecognized: 'httpd_accel_host'
2009/11/17 17:46:16| cache_cf.cc(346) squid.conf:126 unrecognized: 'httpd_accel_uses_host_header'
2009/11/17 17:46:16| cache_cf.cc(346) squid.conf:127 unrecognized: 'httpd_accel_with_proxy'
...... Starting (3858)

0 0

Quote

2. Re: Erro no proxy [RESOLVIDO]

gesousa
(usa Ubuntu)

Enviado em 17/11/2009 - 17:20h

sua versão é 2.6 ou mais nova...

portanto em vez de usar a configuração abaixo que é para a versão do squid 2.5, que deve ser apagada:

# Proxy transparente
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_uses_host_header on
httpd_accel_with_proxy on

vc apenas deve colocar a palavra transparent na frente da primeira linha:

http_port 3128 transparent

outros erros que aparecem:

WARNING: '0.0.0.0/0.0.0.0' is a subnetwork of '0.0.0.0/0.0.0.0'
2009/11/17 17:46:16|
WARNING: because of this '0.0.0.0/0.0.0.0' is ignored to keep splay tree searching predictable
2009/11/17 17:46:16|
WARNING: You should probably remove '0.0.0.0/0.0.0.0' from the ACL named 'all'

a partir da versão 2.6, a opção all já vem como padrão, não precisando ser criada.. portanto apague:

acl all src 0.0.0.0/0.0.0.0

Estas duas:
Warning: empty ACL: acl site url_regex -i "/etc/squid/regras/sites_negados"
Warning: empty ACL: acl palavra url_regex -i "/etc/squid/regras/palavras_negadas"

Apenas dizem que o texto das listas citadas,. não foram criados...

Antes de copiar uma conf, verifica se ela é compativel com a versão que vc está utilizando...

0 0

Quote