thiagomgt
(usa Debian)
Enviado em 31/08/2007 - 11:29h
Bom dia, estou precisando urgente da ajuda de vocês. Estou com o servidor debian instalado, e instalei pelo agt-get o squid 2.6 Stable5.
A questão é, configurei o squid.conf (/etc/squid/squid.conf) conforme conf logo abaixo. Bom, ao dar um start, stop ou um restart funciona normal, não da nenhum erro, porem, quando rodo o comando squid -k reconfigure, da a seguinte mensagem: squid: ERROR: No running copy. Pesquisando, verifiquei q tinha alguma coisa a ver com o squid.pid. Fui atras dele e ele realmente n está sendo criado, apesar de ter colocado na Tag pid_filename /var/run/squid.pid no squid.conf. Dessa forma acredito q o squid não está realmente rodando. Tentei criar manualmente o arquivo, squid.pid, + ai qndo dou squid -k reconfigure, ele diz q não consegue enviar sinal ao processo.
obs.: como instalei por apt-get não fiz nenhum tipo de config adicional. e li algo sobre dar permissao a um usuario squid. será q é por isso q ele n está rodando???? alguem poderia me ajudar me dando os passou para configurar isso, pois sou novato no mundo linux... OBRIGADO.....
############
##SQUID.CONF
############
http_port 3128 transparent
visible_hostname firewallstm
error_directory /usr/share/squid/errors/Portuguese
cache_mem 32 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 512 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 15000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
pid_filename /var/run/squid.pid
############################
####### ACL DE REDES #######
############################
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl acesso_restrito src "/usr/local/sbin/firewall/squid/acesso_restrito"
acl bloquear_ip src "/usr/local/sbin/firewall/ips_block_all"
acl liberar_ip src "/usr/local/sbin/firewall/squid/ips_liberados"
acl rede_clean src "/usr/local/sbin/firewall/squid/rede_clean"
acl manager proto cache_object
### FIM ACL REDES #######
###########################
##### ACL DE PORTAS #######
###########################
acl porta_msn port 1863 # msn
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 587 # smtp (email)
acl Safe_ports port 110 # pop (email)
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregister
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiting http
acl Safe_ports port 901 # swat
acl Safe_ports port 4685
acl Safe_ports port 4665
acl Safe_ports port 5017 #cat
acl purge method PURGE
acl CONNECT method CONNECT
#############################
#### REGRAS DE ACESSO #######
#############################
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny porta_msn
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
##################
# negar dominios #
##################
acl proibidos dstdom_regex "/usr/local/sbin/firewall/squid/proibidos"
################################
## negar palavras no buscador ##
################################
acl palavras url_regex -i "/usr/local/sbin/firewall/squid/palavras"
######################
## negar downloads ###
######################
acl downloads urlpath_regex -i "/usr/local/sbin/firewall/squid/downloads"
#######################
## sites autorizados ##
#######################
acl sites_ok dstdom_regex "/usr/local/sbin/firewall/squid/sites_ok"
######################
## bloq MSN / GTALK ##
######################
acl msn dstdomain loginnet.passport.com
acl msnmessenger url_regex -i gateway.dll?
acl msnmessenger url_regex -i tabs.asp?
acl msn2 req_mime_type -i ^application/x-msn-messenger$
# Bloq chat gmail
acl blocktalk url_regex -i mail.google.com/mail/channel/bind
#####################
## regas de acesso ##
#####################
http_access allow liberar_ip
no_cache deny liberar_ip
always_direct allow liberar_ip
http_access deny bloquear_ip
http_access deny !rede_clean
http_access allow sites_ok
http_access deny palavras
http_access deny acesso_restrito
http_access deny msnmessenger
http_access deny msn
http_access deny msn2
http_access deny proibidos
http_access deny downloads
http_access allow localhost
http_access allow rede_clean
http_access deny all