Erro iniciar Squid 3 (Debian 7) [RESOLVIDO]

viktur2711
(usa Ubuntu)

Enviado em 17/11/2013 - 16:24h

Boa tarde, estou tendo problemas para criar um servidor de internet com proxy squid, utilizando o squid 3 no Debian Debian Wheezy, ja procurei em vários foruns mas até o momento não consegui uma solução. Essa maquina será também um servidor dhcp & dns, porém (acredito que com esse erro do squid) não estou conseguindo navegar na web. Vou colocar abaixo o erro junto do meu squid.conf, desde já agradeço a atenção.

root@sphnetserver:/home/adminti# squid -k reconfigure
2013/11/16 18:24:19| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'.
2013/11/16 18:24:19| SECURITY NOTICE: Overriding config setting. Using 'all' instead.
2013/11/16 18:24:19| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2013/11/16 18:24:19| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2013/11/16 18:24:19| WARNING: You should probably remove '::/0' from the ACL named 'all'
2013/11/16 18:24:19| aclParseAclLine: ACL 'manager' already exists with different type.
FATAL: Bungled squid.conf line 88: acl manager proto cache_object
Squid Cache (Version 3.3.3): Terminated abnormally.
CPU Usage: 0.012 seconds = 0.008 user + 0.004 sys
Maximum Resident Size: 17712 KB
Page faults with physical i/o: 0


squid.conf

#!/bin/sh
# Recommended minimum configuration:
#

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
## acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
## acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
## acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
## acl localnet src fc00::/7 # RFC 4193 local private network range
## acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

## acl SSL_ports port 443
## acl Safe_ports port 80 # http
## acl Safe_ports port 21 # ftp
## acl Safe_ports port 443 # https
## acl Safe_ports port 70 # gopher
## acl Safe_ports port 210 # wais
## acl Safe_ports port 1025-65535 # unregistered ports
## acl Safe_ports port 280 # http-mgmt
## acl Safe_ports port 488 # gss-http
## acl Safe_ports port 591 # filemaker
## acl Safe_ports port 777 # multiling http
## acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
## http_access allow localhost manager
## http_access deny manager

# Deny requests to certain unsafe ports
## http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
## http_access deny CONNECT !SSL_ports

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
## http_access allow localnet
## http_access allow localhost

# And finally deny all other access to this proxy
## http_access deny all

# Squid normally listens to port 3128
http_port 3128 transparent
visible_hostname sphnetserver

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/cache/squid 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/cache/squid

# Add any of your own refresh_pattern entries above these.
## refresh_pattern ^ftp: 1440 20% 10080
## refresh_pattern ^gopher: 1440 0% 1440
## refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
## refresh_pattern . 0 20% 4320


## Início - Proxy Squid by Victor Fonseca

hierarchy_stoplist cgi-bin ?
cache_mem 16 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
cache_dir ufs /var/cache/squid 1000 16 256
cache_access_log /var/log/squid/access.log
ftp_user Squid@

# ACLS
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 8080 # wpad

acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow all
icp_access allow all
visible_hostname on
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Ignorante
(usa Slackware)

Enviado em 17/11/2013 - 17:46h

O primeiro erro troque acl all src 0.0.0.0/0.0.0.0 por acl all src all ou remova

att

viktur2711
(usa Ubuntu)

Enviado em 17/11/2013 - 17:59h

Obrigado pela resposta, alterei a acl mas o erro ainda persistiu:

root@sphnetserver:/home/adminti# squid -k reconfigure
2013/11/17 17:52:31| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2013/11/17 17:52:31| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2013/11/17 17:52:31| WARNING: You should probably remove '::/0' from the ACL named 'all'
2013/11/17 17:52:31| aclParseAclLine: ACL 'manager' already exists with different type.
FATAL: Bungled squid.conf line 88: acl manager proto cache_object
Squid Cache (Version 3.3.3): Terminated abnormally.
CPU Usage: 0.028 seconds = 0.004 user + 0.024 sys
Maximum Resident Size: 17712 KB
Page faults with physical i/o: 27

Ignorante
(usa Slackware)

Enviado em 17/11/2013 - 18:05h

Troque acl localhost src 127.0.0.1/255.255.255.255 por acl localhost src 127.0.0.1/32

teste se da certo

att

viktur2711
(usa Ubuntu)

Enviado em 17/11/2013 - 18:14h

Fiz a alteração mas agora o erro ficou diferente:

root@sphnetserver:/home/adminti# squid -k reconfigure
2013/11/17 18:11:54| aclParseAclLine: ACL 'manager' already exists with different type.
FATAL: Bungled squid.conf line 88: acl manager proto cache_object
Squid Cache (Version 3.3.3): Terminated abnormally.
CPU Usage: 0.012 seconds = 0.008 user + 0.004 sys
Maximum Resident Size: 17680 KB
Page faults with physical i/o: 0

Ignorante
(usa Slackware)

Enviado em 17/11/2013 - 18:27h

comente a linha acl manager proto cache_object, e teste

Voce usa squid ou squid 3?

se for o 3 como esta no erro, foi o motivo de tanto erro
att

viktur2711
(usa Ubuntu)

Enviado em 17/11/2013 - 18:34h

É o squid 3.
Já havia feito esse teste, mas ai o erro aumenta:

root@sphnetserver:/home/adminti# squid -k reconfigure
2013/11/17 18:31:30| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2013/11/17 18:31:30| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2013/11/17 18:31:30| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2013/11/17 18:31:30| WARNING: (B) '127.0.0.1' is a subnetwork of (A) '127.0.0.1'
2013/11/17 18:31:30| WARNING: because of this '127.0.0.1' is ignored to keep splay tree searching predictable
2013/11/17 18:31:30| WARNING: You should probably remove '127.0.0.1' from the ACL named 'localhost'
2013/11/17 18:31:30| squid.conf:111 unrecognized: 'httpd_accel_host'
2013/11/17 18:31:30| squid.conf:112 unrecognized: 'httpd_accel_port'
2013/11/17 18:31:30| squid.conf:113 unrecognized: 'httpd_accel_with_proxy'
2013/11/17 18:31:30| squid.conf:114 unrecognized: 'httpd_accel_uses_host_header'
WARNING: Cannot write log file: /var/log/cache.log
/var/log/cache.log: Permission denied
messages will be sent to 'stderr'.

Ignorante
(usa Slackware)

Enviado em 17/11/2013 - 18:39h

Amigo, mude o nome de seu squid.conf para squid.conf.bak e crie um arquivo novo squid.conf e copie e cole esse squid.conf depois fazemos as auteracoes

http_port 3128 intercept

cache_mem 128 MB
maximum_object_size 512 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid3 2048 16 256
cache_access_log /var/log/squid3/cache.log

visible_hostname serverlocal
cache_mgr email@email

coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320


error_directory /usr/share/squid3/errors/pt-br

################################################################################
# Acls Padrao
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# Acls Personalizadas
acl redelocal src 192.168.0.0/24


# Acls Personalixadas para PROXY Transparente
#acl acessobasico src "/etc/squid3/ips.basic"
#acl acessocompleto src "/etc/squid3/ips.full"

# Bloqueios Sites/Arquivos/Palavras
#acl palavras url_regex -i "/etc/squid3/palavras.deny"
#acl sitesproibidos url_regex -i "/etc/squid3/sites.deny"
#acl downloadsproibidos url_regex "/etc/squid3/downloads.deny"

##################################################################################
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost


#http_access allow acessocompleto
#http_access deny downloadsproibidos
#http_access deny palavras
#http_access deny sitesproibidos
#http_access allow acessobasico
http_access allow redelocal
http_access deny all

viktur2711
(usa Ubuntu)

Enviado em 17/11/2013 - 18:41h

Legal, vou fazer os testes aqui e já te retorno.

viktur2711
(usa Ubuntu)

Enviado em 17/11/2013 - 18:52h

Olha o que apareceu:


root@sphnetserver:/home/adminti# squid -k reconfigure
2013/11/17 18:50:05| aclParseAclLine: ACL 'manager' already exists with different type.
FATAL: Bungled squid.conf line 26: acl manager proto cache_object
Squid Cache (Version 3.3.3): Terminated abnormally.
CPU Usage: 0.012 seconds = 0.008 user + 0.004 sys
Maximum Resident Size: 17696 KB
Page faults with physical i/o: 0

Ignorante
(usa Slackware)

Enviado em 17/11/2013 - 19:14h

Comente acl manager proto cache_object

# squid3 -k reconfigure

voce tinha o squid e atualizou para o squid3?

att