Problem with ACL

1. Problem with ACL

Marcelo
marcelocb

(uses Ubuntu)

Posted on 19/09/2008 - 11:08h

Folks, this ACL of mine is giving this error.
Can anyone help me?

#########################error#########################################
squid -k reconfigure
2008/09/19 10:58:37| aclParseAclLine: WARNING: empty ACL: acl dom_proib url_regex -i "/etc/squid/regras/dom_proib.txt"
#######################################################################

Here are my iptables.up.rules and squid.conf.


iptables.up.rules.

# Generated by iptables-save v1.3.6 on Mon Jul 21 14:23:08 2008
*mangle
:PREROUTING ACCEPT [960897:427464468]
:INPUT ACCEPT [499864:303739800]
:FORWARD ACCEPT [449501:122644748]
:OUTPUT ACCEPT [586964:368510511]
:POSTROUTING ACCEPT [1036536:491176036]
-A FORWARD -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1400:1536 -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Mon Jul 21 14:23:08 2008
# Generated by iptables-save v1.3.6 on Mon Jul 21 14:23:08 2008
*nat
:PREROUTING ACCEPT [71823:6964003]
:POSTROUTING ACCEPT [19448:1312814]
:OUTPUT ACCEPT [19202:1300687]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -d 192.168.0.1 -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 2000
-A PREROUTING -d 10.10.40.2 -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 2000
-A POSTROUTING -s 192.168.0.0/255.255.0.0 -o ppp0 -j MASQUERADE
COMMIT
# Completed on Mon Jul 21 14:23:08 2008
# Generated by iptables-save v1.3.6 on Mon Jul 21 14:23:08 2008
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp -m icmp -m limit --icmp-type 8 --limit 1/sec -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -s 200.165.132.147 -i ppp0 -j ACCEPT
-A INPUT -s 200.149.55.140 -i ppp0 -j ACCEPT
-A INPUT -s 200.167.232.14 -i ppp0 -j ACCEPT
-A INPUT -p tcp -m tcp -i ppp0 --dport 2000 -j ACCEPT
-A INPUT -p udp -m udp -i ppp0 --dport 1:65535 -j ACCEPT
-A INPUT -p icmp -i ppp0 -j ACCEPT
-A INPUT -p tcp -m tcp -i ppp0 ! --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A INPUT -p udp -m udp -i ppp0 --dport 1:65535 -j ACCEPT
-A INPUT -p tcp -m state -m tcp -i ppp0 --dport 1024:65535 --sport 20 --state RELATED -j ACCEPT
-A INPUT -p tcp -s 201.78.171.105 -i ppp0 -j ACCEPT
-A INPUT -p tcp -i ppp0 -j LOG --log-prefix "DROP ALL INPUT: " --log-level 7
-A INPUT -p tcp -m tcp -i ppp0 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 1863 -j DROP
COMMIT
# Completed on Mon Jul 21 14:23:08 2008

squid.conf

############### MARCELO #################

acl msn url_regex -i /gateway/gateway.dll
acl x-msn1 req_mime_type application/x-msn-messenger
acl x-msn2 rep_mime_type application/x-msn-messenger

acl palavras_bloq url_regex -i "/etc/squid/regras/palavrasbloq.txt"
acl dom_proib url_regex -i "/etc/squid/regras/dom_proib.txt"
acl liberados url_regex -i "/etc/squid/regras/liberados.txt"

http_reply_access deny x-msn2
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny x-msn1
http_access deny msn
http_access deny palavras_bloq !liberados
http_access deny palavras_bloq !liberados
http_access deny dom_proib
http_access allow all
http_access allow liberados
http_access deny manager !localhost
http_access deny all


  


2. Re: Problem with ACL

Julian Castaman
maninhx

(uses Slackware)

Posted on 19/09/2008 - 11:19h

Isn't this ACL's file empty?
The dom_proib.txt file must be empty.

Judging by the message, it is not an error but a warning that the ACL is empty.
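
A pre-flight check for the situation discussed in this thread, as an added example that is not part of the original posts: it lists every file-backed ACL in a squid.conf and flags those whose list file is missing or has no entries, the condition behind the `empty ACL` warning. The function names, temporary files and sample entries are constructed for illustration, and the script assumes quoted paths without spaces and that blank lines and lines starting with `#` in a list file are not entries.

```shell
# Report file-backed Squid ACLs whose list file is missing or has no entries.
# Assumes paths without spaces; blank and '#' lines in a list are not entries.

# Print "name path" for each acl line whose last argument is a quoted file.
acl_files() {
    awk '$1 == "acl" && $NF ~ /^".*"$/ { p = $NF; gsub(/"/, "", p); print $2, p }' "$1"
}

# Count usable entries: non-blank lines that do not start with '#'.
entry_count() {
    awk 'NF && $1 !~ /^#/ { n++ } END { print n + 0 }' "$1"
}

# Print OK / EMPTY / MISSING per ACL; return 1 if any ACL is not OK.
check_acl_files() {
    rc=0
    while read -r name path; do
        [ -n "$name" ] || continue
        if [ ! -r "$path" ]; then
            echo "MISSING $name $path"; rc=1
        elif [ "$(entry_count "$path")" -eq 0 ]; then
            echo "EMPTY $name $path"; rc=1
        else
            echo "OK $name $path"
        fi
    done <<EOF
$(acl_files "$1")
EOF
    return $rc
}

# Demo on constructed input: the thread's three file ACLs, pointed at temp files.
demo() {
    d=$(mktemp -d)
    printf 'example-word\n' > "$d/palavrasbloq.txt"
    printf '# no domains yet\n\n' > "$d/dom_proib.txt"   # comment only
    cat > "$d/squid.conf" <<EOF
acl msn url_regex -i /gateway/gateway.dll
acl palavras_bloq url_regex -i "$d/palavrasbloq.txt"
acl dom_proib url_regex -i "$d/dom_proib.txt"
acl liberados url_regex -i "$d/liberados.txt"
EOF
    status=0; check_acl_files "$d/squid.conf" || status=$?
    rm -rf "$d"
    return $status
}

# With a squid.conf path as argument, check it; with none, run the demo.
if [ $# -gt 0 ]; then check_acl_files "$1"; else demo || true; fi
```

Run against the real configuration before `squid -k reconfigure`; an `EMPTY` line for an ACL used in an `http_access deny` rule means that rule currently blocks nothing.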





