forum.opennet.ru

Составление сообщения

Исходное сообщение

"FreeDSD 8 + Squid (не работает прозрачный прокси)"
Отправлено Ashtaroth, 27-Апр-10 09:49

Настройки в rc.config:
ifconfig_rl0="inet 192.168.0.253  netmask 255.255.255.0"
ifconfig_rl0_alias0="inet 192.168.1.253  netmask 255.255.255.0"
ifconfig_rl0_alias1="inet 192.168.2.253  netmask 255.255.255.0"
ifconfig_rl0_alias2="inet 192.168.3.253  netmask 255.255.255.0"
defaultrouter="192.168.0.8"
#natd_enable="YES"
#natd_interface="rl0"
#natd_flags="-dynamic -config /etc/config/natd.conf"
squid_enable="YES"
правило в фаерволе:
ipfw add fwd 127.0.0.1,3128 tcp from any to any dst-port 80 via rl0 in
Код в squid.conf:
#http_port 3128
http_port 127.0.0.1:3128 transparent
#icp_port 0
hierarchy_stoplist cgi-bin ?
#acl QUERY urlpath_regex cgi-bin \?
#no_cache deny QUERY
cache_mem 512 MB
cache_swap_low 93
cache_swap_high 95
#maximum_object_size 8092 KB
maximum_object_size_in_memory 512 KB
ipcache_size 2048
memory_replacement_policy lru
cache_dir ufs /usr/local/squid/cache 1000 64 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /usr/local/squid/logs/squid.pid
debug_options ALL,1
diskd_program /usr/local/libexec/squid/diskd-daemon
redirect_program /usr/local/bin/squidGuard
redirect_children 8
cache_mgr admin@my_domain.ru
visible_hostname mail.my_domain.ru
tcp_outgoing_address 222.222.222.222
refresh_pattern ^ftp:         &n... 1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl QUERY urlpath_regex cgi-bin \? chat css
acl our_domain dstdomain progress-stroy.local progress-stroy.com.ua www.progress-stroy.com.ua
no_cache allow our_domain QUERY
always_direct allow our_domain
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl local_src src 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0
acl local_dst dst 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl our_net src 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0
acl our_serv dst 127.0.0.1/255.255.255.255 195.114.135.210
acl CONNECT method CONNECT
acl porno url_regex -i '/usr/local/my_doc_smb/squid/porn.conf'
acl mail url_regex -i '/usr/local/my_doc_smb/squid/mail.conf'
acl Banner url_regex -i '/usr/local/my_doc_smb/squid/banner.conf'
acl download url_regex -i '/usr/local/my_doc_smb/squid/download.conf'
acl NoBanner url_regex -i '/usr/local/my_doc_smb/squid/noban.conf'
acl leadership src '/usr/local/my_doc_smb/squid/leadership.conf'
acl priveleged src '/usr/local/my_doc_smb/squid/privileged.conf'
acl all_users src '/usr/local/my_doc_smb/squid/all_users.conf'
http_access    allow        NoBanner    all_users
http_access    deny        mail         all_users
http_access    deny        download    all_users
http_access    allow                all_users
http_access    allow        !porno !download    priveleged
http_access    allow                    leadership
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
cachemgr_passwd 234 all
error_directory /usr/local/etc/squid/errors/Russian-1251
coredump_dir /usr/local/squid/cache
pipeline_prefetch on
Результат: прозрачный прокси не работает. В чём может быть проблема?

Исходное сообщение
"FreeDSD 8 + Squid (не работает прозрачный прокси)" Отправлено Ashtaroth, 27-Апр-10 09:49
Настройки в rc.config: ifconfig_rl0="inet 192.168.0.253 netmask 255.255.255.0" ifconfig_rl0_alias0="inet 192.168.1.253 netmask 255.255.255.0" ifconfig_rl0_alias1="inet 192.168.2.253 netmask 255.255.255.0" ifconfig_rl0_alias2="inet 192.168.3.253 netmask 255.255.255.0" defaultrouter="192.168.0.8" #natd_enable="YES" #natd_interface="rl0" #natd_flags="-dynamic -config /etc/config/natd.conf" squid_enable="YES" правило в фаерволе: ipfw add fwd 127.0.0.1,3128 tcp from any to any dst-port 80 via rl0 in Код в squid.conf: #http_port 3128 http_port 127.0.0.1:3128 transparent #icp_port 0 hierarchy_stoplist cgi-bin ? #acl QUERY urlpath_regex cgi-bin \? #no_cache deny QUERY cache_mem 512 MB cache_swap_low 93 cache_swap_high 95 #maximum_object_size 8092 KB maximum_object_size_in_memory 512 KB ipcache_size 2048 memory_replacement_policy lru cache_dir ufs /usr/local/squid/cache 1000 64 256 cache_access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log pid_filename /usr/local/squid/logs/squid.pid debug_options ALL,1 diskd_program /usr/local/libexec/squid/diskd-daemon redirect_program /usr/local/bin/squidGuard redirect_children 8 cache_mgr admin@my_domain.ru visible_hostname mail.my_domain.ru tcp_outgoing_address 222.222.222.222 refresh_pattern ^ftp: &n... 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl QUERY urlpath_regex cgi-bin \? chat css acl our_domain dstdomain progress-stroy.local progress-stroy.com.ua www.progress-stroy.com.ua no_cache allow our_domain QUERY always_direct allow our_domain acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl local_src src 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 acl local_dst dst 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 acl SSL_ports port 443 563 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl our_net src 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 acl our_serv dst 127.0.0.1/255.255.255.255 195.114.135.210 acl CONNECT method CONNECT acl porno url_regex -i '/usr/local/my_doc_smb/squid/porn.conf' acl mail url_regex -i '/usr/local/my_doc_smb/squid/mail.conf' acl Banner url_regex -i '/usr/local/my_doc_smb/squid/banner.conf' acl download url_regex -i '/usr/local/my_doc_smb/squid/download.conf' acl NoBanner url_regex -i '/usr/local/my_doc_smb/squid/noban.conf' acl leadership src '/usr/local/my_doc_smb/squid/leadership.conf' acl priveleged src '/usr/local/my_doc_smb/squid/privileged.conf' acl all_users src '/usr/local/my_doc_smb/squid/all_users.conf' http_access allow NoBanner all_users http_access deny mail all_users http_access deny download all_users http_access allow all_users http_access allow !porno !download priveleged http_access allow leadership http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny all cachemgr_passwd 234 all error_directory /usr/local/etc/squid/errors/Russian-1251 coredump_dir /usr/local/squid/cache pipeline_prefetch on Результат: прозрачный прокси не работает. В чём может быть проблема?

Ваше сообщение
Имя*:
EMail:	Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:	> Настройки в rc.config: > ifconfig_rl0="inet 192.168.0.253 netmask 255.255.255.0" > ifconfig_rl0_alias0="inet 192.168.1.253 netmask 255.255.255.0" > ifconfig_rl0_alias1="inet 192.168.2.253 netmask 255.255.255.0" > ifconfig_rl0_alias2="inet 192.168.3.253 netmask 255.255.255.0" > defaultrouter="192.168.0.8" > #natd_enable="YES" > #natd_interface="rl0" > #natd_flags="-dynamic -config /etc/config/natd.conf" > squid_enable="YES" > правило в фаерволе: > ipfw add fwd 127.0.0.1,3128 tcp from any to any dst-port 80 via > rl0 in > Код в squid.conf: > #http_port 3128 > http_port 127.0.0.1:3128 transparent > #icp_port 0 > hierarchy_stoplist cgi-bin ? > #acl QUERY urlpath_regex cgi-bin \? > #no_cache deny QUERY > cache_mem 512 MB > cache_swap_low 93 > cache_swap_high 95 > #maximum_object_size 8092 KB > maximum_object_size_in_memory 512 KB > ipcache_size 2048 > memory_replacement_policy lru > cache_dir ufs /usr/local/squid/cache 1000 64 256 > cache_access_log /var/log/squid/access.log > cache_log /var/log/squid/cache.log > cache_store_log /var/log/squid/store.log > pid_filename /usr/local/squid/logs/squid.pid > debug_options ALL,1 > diskd_program /usr/local/libexec/squid/diskd-daemon > redirect_program /usr/local/bin/squidGuard > redirect_children 8 > cache_mgr admin@my_domain.ru > visible_hostname mail.my_domain.ru > tcp_outgoing_address 222.222.222.222 > refresh_pattern ^ftp: > 1440 20% 10080 > refresh_pattern ^gopher: 1440 > 0% 1440 > refresh_pattern . > 0 > 20% 4320 > acl QUERY urlpath_regex cgi-bin \? chat css > acl our_domain dstdomain progress-stroy.local progress-stroy.com.ua www.progress-stroy.com.ua > no_cache allow our_domain QUERY > always_direct allow our_domain > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/255.255.255.255 > acl local_src src 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 > acl local_dst dst 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 > acl SSL_ports port 443 563 > acl Safe_ports port 80 > acl Safe_ports port 21 > acl Safe_ports port 443 563 > acl Safe_ports port 70 > acl Safe_ports port 210 > acl Safe_ports port 1025-65535 > acl Safe_ports port 280 > acl Safe_ports port 488 > acl Safe_ports port 591 > acl Safe_ports port 777 > acl our_net src 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 > acl our_serv dst 127.0.0.1/255.255.255.255 195.114.135.210 > acl CONNECT method CONNECT > acl porno url_regex -i '/usr/local/my_doc_smb/squid/porn.conf' > acl mail url_regex -i '/usr/local/my_doc_smb/squid/mail.conf' > acl Banner url_regex -i '/usr/local/my_doc_smb/squid/banner.conf' > acl download url_regex -i '/usr/local/my_doc_smb/squid/download.conf' > acl NoBanner url_regex -i '/usr/local/my_doc_smb/squid/noban.conf' > acl leadership src '/usr/local/my_doc_smb/squid/leadership.conf' > acl priveleged src '/usr/local/my_doc_smb/squid/privileged.conf' > acl all_users src '/usr/local/my_doc_smb/squid/all_users.conf' > http_access allow NoBanner all_users > http_access deny mail all_users > http_access deny download all_users > http_access allow all_users > http_access allow !porno !download priveleged > http_access allow leadership > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access deny all > cachemgr_passwd 234 all > error_directory /usr/local/etc/squid/errors/Russian-1251 > coredump_dir /usr/local/squid/cache > pipeline_prefetch on > Результат: прозрачный прокси не работает. В чём может быть проблема?
	Введите код, изображенный на картинке:

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру