celso22
(usa Debian)
Enviado em 12/03/2012 - 20:17h
Alguem poderia passar um exemplo do squid.conf do bfw?
minhas configurações estão assim mais não funciona ele bloqueia tudo.
Uso o mikrotik 2.9.27 em paralelo com o bfw 3.0.254.
mikrotik com 3 placa de rede.
LINK IP: DINÂMICO
REDE LOCAL IP: 192.168.0.1
PARALELO COM O BFW: 192.168.1.1
BFW IP: 192.168.1.2
REGRAS NO MIKROTIK
/ip
firewall filter
add action=accept chain=forward comment="aceita BFW" disabled=no
\
src-address=192.168.1.0/24
/ip firewall nat
add action=dst-nat chain=dstnat comment="Redireciona BFW"
disabled=no \
dst-port=80 protocol=tcp src-address=192.168.0.0/24
to-addresses=\
192.168.1.2 to-ports=3128
http_port 3128
http_port 3129 intercept
hierarchy_stoplist cgi-bin ?
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl browser_detect req_header Accept-Language [a-zA-Z;]
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
acl localnet src fc00::/7
acl localnet src fe80::/10
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access deny all
visible_hostname SERVER-CACHE
cache_dir diskd /partition/squid/cache 20480 48 256 Q1=72 Q2=64
coredump_dir /partition/squid/cache
access_log /partition/squid/logs/access.log
cache_store_log none
cache_log /dev/null
pid_filename /var/run/squid.pid
cache_mem 512 MB
maximum_object_size 10240 KB
minimum_object_size 1 KB
maximum_object_size_in_memory 128 KB
cache_replacement_policy heap LFUDA
half_closed_clients off
server_persistent_connections off
qos_flows local-hit=0x30
DAI DA ESSE ERRO:
ERROR
The requested URL could not be retrieved
--------------------------------------------------------------------------------
The following error was encountered while trying to retrieve the URL: /
Invalid URL
Some aspect of the requested URL is incorrect.
Some possible problems are:
•
Missing or incorrect access protocol (should be “http://” or similar)
•
Missing hostname
•
Illegal double-escape in the URL-Path
•
Illegal character in hostname; underscores are not allowed.
Your cache administrator is webmaster.
--------------------------------------------------------------------------------
Generated Mon, 12 Mar 2012 20:10:01 GMT by SERVER-CACHE (squid/3.1.18)
O QUE ESTÁ ACONTECENDO?
JÁ ESTOU COM ESSE PROBLEMA DESDE QUE EU INSTALEI O BFW.