Perguntas & Respostas

Olá a todos.

Instalei um squid no meu servidor slackware 11.0 e estou com o seguinte problema.
No meu relatorio do SARG, só aparece o ip 192.168.0.0, então pensei em analisar o meu access.log do squid. Só que ele só me retorna estes registros:

1184773789.345 72 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/post.gif - DIRECT/200.137.204.8 -
1184773789.351 71 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/reply.gif - DIRECT/200.137.204.8 -
1184773789.357 69 192.168.0.0 TCP_MISS/404 470 GET http://www.slackbr.org/forum/images/avatars/gallery/slackware/6.gif - DIRECT/200.137.204.8 text/html
1184773789.377 71 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/cellpic3.gif - DIRECT/200.137.204.8 -
1184773789.429 83 192.168.0.0 TCP_MISS/304 192 GET http://www.slackbr.org/forum/templates/subSilver/images/icon_minipost.gif - DIRECT/200.137.204.8 -
1184773789.430 78 192.168.0.0 TCP_MISS/304 192 GET http://www.slackbr.org/forum/images/icons/icon1.gif - DIRECT/200.137.204.8 -
1184773789.436 78 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/icon_quote.gif - DIRECT/200.137.204.8 -
1184773789.438 60 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/icon_profile.gif - DIRECT/200.137.204.8 -
1184773789.500 69 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/icon_pm.gif - DIRECT/200.137.204.8 -
1184773789.510 77 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/icon_icq_add.gif - DIRECT/200.137.204.8 -
1184773789.517 77 192.168.0.0 TCP_MISS/304 192 GET http://www.slackbr.org/forum/templates/subSilver/images/spacer.gif - DIRECT/200.137.204.8 -
1184773789.588 87 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/icon_email.gif - DIRECT/200.137.204.8 -
1184773789.595 84 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/icon_www.gif - DIRECT/200.137.204.8 -
1184773789.597 79 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/icon_msnm.gif - DIRECT/200.137.204.8 -
1184773789.666 77 192.168.0.0 TCP_MISS/304 192 GET http://www.slackbr.org/forum/templates/subSilver/images/cellpic1.gif - DIRECT/200.137.204.8 -
1184773789.669 71 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/bs_command_preview.gi... - DIRECT/200.137.204.8 -
1184773789.672 73 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/lang_portuguese_brazil/bs_command_submit.gif - DIRECT/200.137.204.8 -
1184773789.740 73 192.168.0.0 TCP_MISS/304 193 GET http://www.slackbr.org/forum/templates/subSilver/images/bs_command_mini_submit.gif - DIRECT/200.137.204.8 -
1184773792.461 3021 192.168.0.0 TCP_MISS/000 0 GET http://web.icq.com/whitepages/online? - NONE/- -

O meu arquivo do squid está assim:
#Inicio do squid.conf
http_port 3128

icp_port 3130

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin ?
no_cache deny QUERY

cache_mem 80 MB

cache_swap_low 90
cache_swap_high 95

fqdncache_size 1024

cache_dir ufs /var/cache/squid 100 16 256

cache_access_log /var/log/squid/access.log

cache_log /var/log/squid/cache.log

cache_store_log /var/log/squid/store.log

pid_filename /var/log/squid/squid.pid

log_fqdn on
client_netmask 255.255.255.0

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl rede_local src 192.168.0.0/24
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

#ACL'S DBInfor
# Ips
acl acesso_total src "/etc/squid/arquivos/acesso_total"
acl acesso_restrito src "/etc/squid/arquivos/acesso_restrito"

#Conteudo
acl restrito url_regex [-i] "/etc/squid/arquivos/restrito"

http_access allow localhost
##http_access allow rede_local

# Regras

http_access allow acesso_total


http_access deny !restrito
http_access allow acesso_restrito
#
# And finally deny all other access to this proxy
http_access deny all

icp_access allow all

visible_hostname supernova

httpd_accel_port 80

#Fim arquivo squid.conf
_________________________________

Porque ele não aparece os ips da minha rede local?

PS: eu poderia ter feito uma

acl rede_local src 192.168.0.0/24 e liberado ela depois com
http_access allow rede_local

Mas se eu fizer isto, o bloqueio, por exemplo do www.orkut.com não funciona para a minha rede, mas ja fiz o teste colocando somente o rede_local liberado e ainda assim os ips não registram no access.log.

Agradeço pela atenção.