Perguntas & Respostas

OLa galera do vol,estou com um problema com configução do squid 2.6 no debian 4.0 , configurei mas ele so funciona colocando o proxy no navegador, mas gostaria que funcionace como proxy transparent, alguem ja configurou e poderia me ajudar .

ai vai as configuração:

normally listens to port 3128####################
   http_port 3128 transparent

# deixa os erros em portugues ###########################
   error_directory /usr/share/squid/errors/Portuguese


#We recommend you to use the following two lines.##########
   acl QUERY urlpath_regex "/etc/squid/senhas"
   cache deny QUERY

# Apache to signal ETag correctly on such responses#########
   acl apache rep_header Server ^Apache
   broken_vary_encoding allow apache
   
## tamanho do cache de arquivos na memoria ##################
   cache_mem 64 MB

## tamanho maximo de objetos em cache na memoria ############
   maximum_object_size_in_memory 256 KB

## tamanho maximo de objetos no cache do disco ###############
   maximum_object_size 4096 KB

## tamanho minimo de objetos no cache do disco ##############
   minimum_object_size 0 KB

## parametros para esvaziar o cache quando necessario ########
   cache_swap_low 80
   cache_swap_high 85

## diretorio onde o cache sera salvo #########################
##cache_dir ufs /cache 12000 16 256
   cache_dir ufs /cache 12000 16 256

## corrige bug de refresh do internet explorer 5.x ############
   ie_refresh on

## Informa o usuario e grupo que executam o squid ##############
   cache_effective_user proxy
   cache_effective_group proxy

# To log the request via syslog specify a filepath of "syslog"####
   access_log /var/log/squid/access.log squid

# maximo de ips dns que serao armazedos no cache #################
   ipcache_size 2048
   ipcache_low 90
   ipcache_high 95

# maximo de ips dns que serao armazedos no cache ##################
   fqdncache_size 2048

#Default:
   cache_log /var/log/squid/cache.log

#Default:############################################################
   cache_store_log /var/log/squid/store.log

# hosts_file /etc/hosts###############################################
   hosts_file /etc/hosts

## progama usuado para a autenticao###################################
   auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/senhas

#auth_param basic credentialsttl 2 hour

#Sus que aumentam o tempo de permanenciam de objetos no cache ########
   refresh_pattern ^ftp:      1440    20%   10080
   refresh_pattern ^gopher:   1440    0%   1440
   refresh_pattern .      10    20%   4320

##libera acesso a update antivirus###################################
   acl ip_nod32 dst 213.215.116.226 89.202.157.135 89.202.157.136 89.202.157.137 89.202.157.138 89.202.157.139
   http_access allow ip_nod32

# libera acesso ao SIAFI ############################################
   acl ip_serpro dst 161.148.40.200
   http_access allow ip_serpro

## libera acesso ao Portal da Rede Interna###########################
   acl ip_mail dst 10.56.52.2
   http_access allow ip_mail
   
   acl GOVERNO url_regex .gov.br. .eb.br. .eb.mil.br.
   http_access allow GOVERNO
   
   acl rede_ftp dst 10.56.52.3
   http_access allow rede_ftp
   
   acl chat url_regex chat batepapo bate-papo
   http_access deny chat
   
   acl batepapo url_regex chat batepapo bate-papo
   http_access deny batepapo
   
   acl bate-papo url_regex chat batepapo bate-papo
   http_access deny bate-papo

####### acl autenticao do proxy ########################   
   acl all src 0.0.0.0/0.0.0.0
   acl rede_interna src 10.56.52.0/22
   acl manager proto cache_object
   acl localhost src 127.0.0.1/255.255.255.255
   acl to_localhost dst 127.0.0.0/8
   acl SSL_ports port 443 # https
   acl SSL_ports port 563 # snews
   acl SSL_ports port 873 # rsync
   acl Safe_ports port 80 # http
   acl Safe_ports port 21 # ftp
   acl Safe_ports port 443 # https
   acl Safe_ports port 70 # gopher
   acl Safe_ports port 210 # wais
   acl Safe_ports port 1025-65535 # unregistered ports
   acl Safe_ports port 280 # http-mgmt
   acl Safe_ports port 488 # gss-http
   acl Safe_ports port 591 # filemaker
   acl Safe_ports port 777 # multiling http
   acl Safe_ports port 631 # cups
   acl Safe_ports port 873 # rsync
   acl Safe_ports port 901 # SWAT
   acl purge method PURGE
   acl CONNECT method CONNECT

##controle de banda#######################################
   acl interno url_regex -i "/etc/squid/ext_delay/ext_delay"
   acl interno url_regex -i 10.56.52.0
   acl IPSRED src "/etc/squid/ctr/ips"

   delay_pools 2
   delay_class 1 2
   delay_access 1 allow IPSRED
   delay_parameters 1 -1/-1 3000/3000
   delay_class 2 2
   delay_access 2 allow interno
   delay_parameters 2 -1/-1 -1/-1
   

   http_access allow rede_interna
   http_access allow manager localhost
   http_access deny manager
   http_access allow purge localhost
   http_access deny purge
   http_access deny !Safe_ports
   http_access deny CONNECT !SSL_ports
   http_access allow localhost   
   http_access deny all
   http_reply_access allow all
   icp_access allow all
   cache_effective_group proxy
   coredump_dir /var/spool/squid