diegojr554
(uses CentOS)
Posted on 19/12/2014 - 14:29h
millinux wrote:
Run tail -f on the squid log file, access the blocked site and see what it shows in real time, to check whether it is the IP that made the access.
You can grep for the IP to make it cleaner, and post the output here.
Here is the output of the file /var/log/squid/acces.log:
--------------------------------------------------
1419006012.669 0 192.168.25.235 TCP_DENIED/407 3654 CONNECT tools.google.com:443 - NONE/- text/html
1419006012.687 0 192.168.25.235 TCP_DENIED/407 3654 CONNECT tools.google.com:443 - NONE/- text/html
1419006015.417 16 192.168.25.27 TCP_MISS/200 1369 GET http://pt-br.facebook.com/ teste DIRECT/192.168.25.6 text/html
1419006015.569 15 192.168.25.27 TCP_MISS/200 1380 GET http://pt-br.facebook.com/favicon.ico teste DIRECT/192.168.25.6 text/html
1419006016.451 0 192.168.25.240 NONE/417 4147 POST http://lenovoappssystemupdateprod.112.2o7.net/b/ss/lenovoappssystemupdateprod/6 - NONE/- text/html
1419006016.662 0 192.168.25.240 TCP_DENIED/407 4050 GET http://download.lenovo.com/pccbbs/thinkvantage_en/metroapps/Metrics/MetricCollectionSubscription.xml - NONE/- text/html
1419006017.423 0 192.168.25.27 TCP_DENIED/407 4902 GET http://www.google-analytics.com/__utm.gif? - NONE/- text/html
1419006019.090 139 192.168.25.27 TCP_MISS/000 0 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 -
1419006019.588 495 192.168.25.27 TCP_MISS/000 0 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 -
1419006020.026 433 192.168.25.27 TCP_MISS/200 1414 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 text/html
1419006020.212 106 192.168.25.27 TCP_MISS/000 0 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 -
1419006020.363 144 192.168.25.27 TCP_MISS/000 0 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 -
1419006020.564 199 192.168.25.27 TCP_MISS/000 0 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 -
1419006020.898 328 192.168.25.27 TCP_MISS/200 1455 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 text/html
1419006020.986 16 192.168.25.27 TCP_MISS/200 1362 GET http://www.msn.com/ teste DIRECT/192.168.25.6 text/html
1419006021.108 15 192.168.25.27 TCP_MISS/200 1373 GET http://www.msn.com/favicon.ico teste DIRECT/192.168.25.6 text/html
1419006023.605 385 192.168.25.27 TCP_MISS/200 1393 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 text/html
1419006023.807 361 192.168.25.223 TCP_MISS/200 429 POST http://vs.mcafeeasap.com/MC/VS60/CheckConnection.asp - DIRECT/161.69.25.233 text/html
1419006023.851 185 192.168.25.27 TCP_MISS/000 0 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 -
1419006024.017 195 192.168.25.223 TCP_MISS/200 3118 GET http://vs.mcafeeasap.com/MC/VS60/Update.aspx? - DIRECT/161.69.25.233 text/html
1419006024.253 204 192.168.25.223 TCP_MISS/200 2757 GET http://vs.mcafeeasap.com/MC/VS60/Update.aspx? - DIRECT/161.69.25.233 text/html
1419006024.571 715 192.168.25.27 TCP_MISS/200 1440 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 text/html
1419006024.665 381 192.168.25.223 TCP_MISS/200 26778 GET http://vs.mcafeeasap.com/MC/VS60/CPU.aspx? - DIRECT/161.69.25.233 text/html
1419006024.776 49 192.168.25.27 TCP_MISS/200 1366 GET http://www.xvideos.com/ teste DIRECT/192.168.25.6 text/html
1419006024.864 15 192.168.25.27 TCP_MISS/200 1377 GET http://www.xvideos.com/favicon.ico teste DIRECT/192.168.25.6 text/html
1419006024.898 229 192.168.25.223 TCP_MISS/200 14762 GET http://vs.mcafeeasap.com/MC/VS60/UI.aspx? - DIRECT/161.69.25.233 text/html
1419006025.069 193 192.168.25.223 TCP_MISS/200 3416 GET http://vs.mcafeeasap.com/MC/VS60/HeaderImage.aspx? - DIRECT/161.69.25.233 image/gif
1419006025.294 209 192.168.25.223 TCP_MISS/200 18460 GET http://vs.mcafeeasap.com/MC/VS60/InstallCore.aspx? - DIRECT/161.69.25.233 text/html
1419006027.427 0 192.168.25.27 TCP_DENIED/407 4902 GET http://www.google-analytics.com/__utm.gif? - NONE/- text/html
1419006028.016 0 192.168.25.218 TCP_DENIED/407 4093 POST http://tools.google.com/service/update2? - NONE/- text/html
1419006028.024 0 192.168.25.218 TCP_DENIED/407 4397 POST http://tools.google.com/service/update2? - NONE/- text/html
1419006034.533 45 192.168.25.217 TCP_MISS/200 973 GET http://mail-1.nomer.com.br/Main/frmComposeKeepAlive.aspx? leticia.ywamoto DIRECT/187.95.194.145 text/html
1419006034.783 0 192.168.25.27 TCP_DENIED/407 3898 CONNECT 1.client-channel.google.com:443 - NONE/- text/html
1419006036.184 0 192.168.25.167 TCP_DENIED/407 3654 CONNECT tools.google.com:443 - NONE/- text/html
--------------------------------------------------
In this case the msn, facebook and xvideos domains are blocked and users are in fact unable to access them, but the log shows TCP_MISS/200.
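
An added example, not part of the original post: a small Python parser for Squid's native access.log format that lists requests the proxy forwarded to a private address, which is what the `DIRECT/192.168.25.6` entries for facebook, msn and xvideos in the log above show. The sample lines are constructed from the posted output, and the function names are hypothetical.

```python
import ipaddress
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample: a few lines in Squid's native access.log format,
# modelled on the output posted above.
SAMPLE = """\
1419006015.417 16 192.168.25.27 TCP_MISS/200 1369 GET http://pt-br.facebook.com/ teste DIRECT/192.168.25.6 text/html
1419006020.026 433 192.168.25.27 TCP_MISS/200 1414 GET http://api.bing.com/qsml.aspx? teste DIRECT/177.159.159.11 text/html
1419006020.986 16 192.168.25.27 TCP_MISS/200 1362 GET http://www.msn.com/ teste DIRECT/192.168.25.6 text/html
1419006027.427 0 192.168.25.27 TCP_DENIED/407 4902 GET http://www.google-analytics.com/__utm.gif? - NONE/- text/html
1419006036.184 0 192.168.25.167 TCP_DENIED/407 3654 CONNECT tools.google.com:443 - NONE/- text/html
"""

def parse_line(line):
    """Split one native-format line into named fields, or return None."""
    parts = line.split()
    if len(parts) < 10:
        return None
    result, _, status = parts[3].partition("/")
    hierarchy, _, peer = parts[8].partition("/")
    url = parts[6]
    # CONNECT lines carry host:port instead of a full URL.
    host = url.rsplit(":", 1)[0] if parts[5] == "CONNECT" else urlsplit(url).hostname
    return {"client": parts[2], "result": result, "status": status,
            "method": parts[5], "host": host, "user": parts[7],
            "hierarchy": hierarchy, "peer": peer}

def is_private(addr):
    """True when addr is a literal IP in a private range."""
    try:
        return ipaddress.ip_address(addr).is_private
    except ValueError:  # "-" or a hostname
        return False

def internal_answers(log_text):
    """Count (host, peer) pairs where the request was forwarded to a private address."""
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["hierarchy"] != "NONE" and is_private(rec["peer"]):
            hits[(rec["host"], rec["peer"])] += 1
    return hits

if __name__ == "__main__":
    for (host, peer), n in internal_answers(SAMPLE).items():
        print(f"{host} -> {peer} ({n} request(s))")
```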