vilsonoracio
(usa Debian)
Enviado em 09/12/2010 - 08:47h
Olá bom dia!!!!
Estou com um problema no meu squid.conf
Futuramente vou colocalo como autenticado, mas para facilitar coloquei manualmente em algumas máquinas o endereço do meu servidor proxy no navegador :
#192.168.0.222:3128
O problema é agora depois que coloquei o proxy manualmente o endereço da minha intranet (www.intranet.com.br) não funciona mais da como bloqueado somente acessando pelo ip (192.168.0.2) que seria no caso meu servidor samba com intranet.
Com o proxy automático funciona normalmente comsigo acessar pelo endereço (www.intranet.com.br)
Desde ja agradeço ajuda!!!!
ai vai meu squid.conf
http_port 3128 transparent
visible_hostname srvinternet-Dell
cache_memória512 MB
#esvazia o cache:
cache_swap_low 90
cache_swap_high 93
maximum_object_size_in_memory 200 KB
maximum_object_size 512 MB
minimum_object_size 10 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 2048 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_log /var/log/squid/store.log
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 20% 2280
refresh_pattern . 15 20% 2280
error_directory /usr/share/squid/errors/Portuguese
#-------------------------------------------------------------#
####################### REGRAS DE ACL #########################
#-------------------------------------------------------------#
######autenticacao de ususario#########
#auth_param basic realm Squid
#auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
#acl autenticados proxy_auth REQUIRED
#######autenticacao de usuario
#http_access allow autenticados
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563 47 873
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 #rsync
acl Safe_ports port 631 #cups
acl Safe_ports port 901 # SWAT
acl Safe_ports port 8999 # serpro
acl Safe_ports port 23000 # serpro
acl Safe_ports port 8443 # serpro
acl Safe_ports port 23 # telnet serpro
acl Safe_ports port 8880 # hpopenview embratel
acl Safe_ports port 10000 # Webmin
acl Safe_ports port 13000-13005 # sites do dgp
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl redelocal src 192.168.0.0/24
############configuracao do sqstat#############
acl manager proto cache_object
acl webserver src 192.168.0.222/32
http_access allow manager webserver
http_access deny manager
##################################################
#-------------------------------------------------------------#
############### LIBERA ACESSO FULL AO EXECUTIVO ###############
#-------------------------------------------------------------#
### Libera somente executivo
acl executivo src "/etc/squid/executivo"
http_access allow executivo
#####libera net no horario de almoco##########
acl almoco time MTWHF 12:00-13:15
acl sitesalmoco dstdom_regex "/etc/squid/sitesalmoco"
http_access allow sitesalmoco almoco
http_access deny sitesalmoco
######bloqueia por extensao########
acl ext url_regex -i \.flv$ \.zip$ \.avi$ \.mp3$ \.exe$ \.torrent$ \.wmv$ \.rmvb$ \.iso$ \.bat$ \.inf$ \.wav$ \.swf$
http_access deny ext
#-------------------------------------------------------------#
#################### BLOQUEIA ACESSOS ####################
#-------------------------------------------------------------#
acl bloqueio url_regex -i http://.*/search\?q=.*
acl bloqueio url_regex -i
http://wexchange.biz/
acl bloqueio url_regex -i http://.*/u/
acl bloqueio url_regex -i
http://125.13.172.45/s/
acl bloqueio url_regex -i
http://65.55.136.121:80
acl bloqueio url_regex -i
http://i4.ytimg.com
acl bloqueio url_regex -i
http://66.249.68.194
acl bloqueio url_regex -i
http://www.whatismyip.org/
acl bloqueio url_regex -i
http://whatismyip.org/
http_access deny bloqueio
#----------------------------------------------------#
### Bloqueia por Palavras
acl bloqueados dstdom_regex "/etc/squid/bloqueados"
http_access deny bloqueados
#---------------------------------------------------#
### Libera internet somente para total
acl total src "/etc/squid/total"
http_access allow total
http_access deny redelocal
#####bloquea enderecos fora da rede local
http_access deny all