eugenio150
(usa BackTrack)
Enviado em 23/10/2015 - 15:30h
2015/10/23 14:49:33| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'.
2015/10/23 14:49:33| SECURITY NOTICE: Overriding config setting. Using 'all' instead.
2015/10/23 14:49:33| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2015/10/23 14:49:33| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2015/10/23 14:49:33| WARNING: You should probably remove '::/0' from the ACL named 'all'
2015/10/23 14:49:33| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2015/10/23 14:49:33| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2015/10/23 14:49:33| WARNING: For now we will assume you meant to write /32
Arquivo ( Squid.conf )
http_port 3128
visible_hostname oriondebian
cache_mem 300 MB
maximum_object_size_in_memory 512 KB
maximum_object_size 512 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 2048 16 256
cache_access_log /var/log/squid3/acess.log
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https,snews
acl Safe_ports port 70 #gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # swat
acl Safe_ports port 1025-65535 # portas altas
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl site dstdomain siteproblematico.com
always_direct allow site
acl redelocal src 192.168.2.0/27
http_access allow localhost
http_access allow redelocal
http_access deny all