verficação do squid.conf

1. verficação do squid.conf

hideoux
(usa OpenSuSE)

Enviado em 01/01/2017 - 12:47h

Ano novo - servidor novo!

refaço o servidor a cada 3 ou 4 anos...
no meio tempo, só apago incêncio...
não é robusto... só é para samba, roteamento, squid, apache...

mas a respeito do squid, que só estudo para refazer e sempre apanho,

Alguém poderia me ajudar a olhar como ficou dessa vez??

Está funcionando, pelos meus testes, mas estou achando o acesso lento aos sites...

segue o squid.conf:

###########################################################################
#CONFIGURAÇÃO DO SQUID COM AUTENTICAÇÃO
auth_param basic program /etc/squid/basic_ncsa_auth /etc/squid/squid_passwd
auth_param basic children 5
auth_param basic credentialsttl 1 hour
auth_param basic realm Preencha:
auth_param basic casesensitive off

###########################################################################
#REGRAS PARA O SQUID
http_port 3128
visible_hostname M13

###########################################################################
#CACHE DE ARQUIVOS

cache_mem 700 MB
cache_swap_low 90
cache_swap_high 95

maximum_object_size 1024 MB
minimum_object_size 0 kb
maximum_object_size_in_memory 64 MB

ipcache_size 1024
ipcache_low 90
ipcache_high 93

cache_replacement_policy lru
memory_replacement_policy lru

cache_dir ufs /var/cache/squid3 4012 128 256

###########################################################################
#CONFIGURAÇÃO DE ARQUIVOS DE LOGS
cache_access_log /var/log/squid/store.log
cache_store_log /var/log/squid/access.log

refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopper: 15 0% 2280
refresh_pattern . 15 20% 2280

###########################################################################
#CONFIGURAÇÕES DE DIRETIVAS
acl manager proto cache_object
acl localhost src 192.168.0.0/24
acl SSL_ports port 443 563
acl safe_ports port 80 21 70 210 888
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports

###########################################################################
#ACL PARA FAZER AUTENTICAÇÃO
acl autenticados proxy_auth REQUIRED
acl permitidos src 192.168.0.0/24
#acl all src 192.168.0.0/24

###########################################################################
#ACL PARA AUTORIZAÇÕES:

##USUÁRIOS LIBERADOS white.user.txt:
acl user_liberado proxy_auth "/etc/squid/white.user.txt"
http_access allow user_liberado

##IPS LIBERADOS white.ip.txt:
acl ip_liberado src "/etc/squid/white.ip.txt"
http_access allow ip_liberado

##SITES LIBERADOS white.url.txt:
acl siteliberado url_regex -i "/etc/squid/white.url.txt"
http_access allow siteliberado

##PALAVRAS LIBERADAS white.words.txt:
acl palavraliberada dstdom_regex "/etc/squid/white.words.txt"
http_access allow palavraliberada

###########################################################################
#ACL PARA BLOQUEIOS:

##SITES BLOQUEADOS black.url.txt:
acl sitebloqueado url_regex -i "/etc/squid/black.url.txt"
http_access deny sitebloqueado

##SITES DOWNLOAD black.words.txt:
acl sitesword url_regex -i "/etc/squid/black.words.txt"
http_access deny sitesword

###########################################################################
http_access allow autenticados permitidos
http_access deny all

0 0

Quote