walber
(usa CentOS)
Enviado em 02/06/2009 - 07:37h
Bom dia a todos, acabei de instalar e configurar o debian(Lenny) + squid (2.7.STABLE3-4.1) + sarg (2.2.5-2)
Esta tudo funcionando, porem nos logs do squid estou recebendo essa mensagem de erro:
GET error:invalid-request - NONE/- text/html
E daí fica aparecendo endereços ips e nomes de usuarios pois o squid está em modo autenticado,e o iptables faz o REDIRECT das requisições da porta 80 para a porta 8080.
Vi aqui no vol um amigo falando pra colocar a palavra transparent depois da http_port 8080 transparent
fiz o teste e realmente parou de da as mensagens de erros porem os relatorios estavao saindo só por ip, e minha rede está modo dhcp, segue meu conf do squid, se alguém pode dar um help.
1 http_port 8080
2
3
4 visible_hostname localhost
5
6 hierarchy_stoplist cgi-bin ?
7 acl QUERY urlpath_regex cgi-bin \?
8 no_cache deny QUERY
9
10 hosts_file /etc/hosts
11
12 refresh_pattern ^ftp: 1440 20% 10080
13 refresh_pattern ^gopher: 1440 0% 1440
14 refresh_pattern . 0 20% 4320
15
16 error_directory /usr/share/squid/errors/Portuguese
17 access_log /var/log/squid/access.log squid
18 cache_mem 512 MB
19
20 maximum_object_size 4 MB
21 maximum_object_size_in_memory 128 KB
22 cache_dir ufs /var/spool/squid 512 256 512
23
24
25
26 refresh_pattern windowsupdate.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
27 refresh_pattern download.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
28 refresh_pattern
www.microsoft.com/.*\.(cab|exe|dll|msi) 10080 100% 43200 reload-into-ims
29 refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|dll|msi) 4320 100% 43200 reload-into-ims
30
31
32 cache_swap_low 90
33 cache_swap_high 95
34
35 auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squidpasswd
36 auth_param basic realm "Servidor de internet"
37 auth_param basic casesensitive off
38
39 acl autenticacao proxy_auth REQUIRED
40
41
42 acl all src 0.0.0.0/0.0.0.0
43 acl manager proto cache_object
44 acl localhost src 127.0.0.1/255.255.255.255
45 acl to_localhost dst 127.0.0.0/8
46 acl SSL_ports port 443 563 # https, snews
47 acl SSL_ports port 873 # rsync
48 acl Safe_ports port 80 # http
49 acl Safe_ports port 21 # ftp
50 acl Safe_ports port 443 563 # https, snews
51 acl Safe_ports port 70 # gopher
52 acl Safe_ports port 210 # wais
53 acl Safe_ports port 1025-65535 # unregistered ports
54 acl Safe_ports port 280 # http-mgmt
55 acl Safe_ports port 488 # gss-http
56 acl Safe_ports port 591 # filemaker
57 acl Safe_ports port 777 # multiling http
58 acl Safe_ports port 631 # cups
59 acl Safe_ports port 873 # rsync
60 acl Safe_ports port 901 # SWAT
61 acl purge method PURGE
62 acl CONNECT method CONNECT
63
64 #Minhas acls
65 acl minharede src 192.168.16.0/24
66 acl sbloqueados url_regex -i "/etc/squid/regras/sbloqueados"
67 acl sliberados url_regex -i "/etc/squid/regras/sliberados"
68 acl uliberados proxy_auth -i "/etc/squid/regras/uliberados"
69 acl ubloqueados proxy_auth -i "/etc/squid/regras/ubloqueados"
70 acl download url_regex -i "/etc/squid/regras/download"
71 acl games dstdom_regex .*game*.com.*
72 http_access allow sliberados
73 http_access allow uliberados sbloqueados
74 http_access allow uliberados download
75 http_access deny download
76 http_access deny sbloqueados
77 http_access deny games
78 http_access allow autenticacao
79 http_access allow minharede
80
81 http_access allow manager localhost
82 http_access deny manager
83 http_access allow purge localhost
84 http_access deny purge
85 http_access deny !Safe_ports
86 http_access deny CONNECT !SSL_ports
http_access allow localhost
88 http_access deny all
89 http_reply_access allow all
90 icp_access allow all
91 coredump_dir /var/spool/squid
92
Desde já agradeço.