Това го оправих,но сега се сблъслак с друг проблем, а
именно:
Всичко работи уж нормално, squid-a стартира без никакви
грешки и в лога няма грешки, редиректвам към порт 3128 така:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 8080 -j
REDIRECT --to-port 3128
Скуида слуша на тази порт:
tcp 0 0 *:3128 *:*
LISTEN
НО!!!
Няма http, имам скайп имам всичко работещо различно от порт
80.....
Къде е грешката?????
squid.conf:
#squid.conf
#Every option in this file is very well documented in the
original squid.conf file
#and on
http://www.visolve.com/squidman/Configu...
#
#The ports our Squid will listen on.
http_port 3128
icp_port 3130
#cgi-bins will not be cached.
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
#Memory the Squid will use. Well, Squid will use far more
than that.
cache_mem 64 MB
#250 means that Squid will use 250 megabytes of disk space.
cache_dir ufs /usr/local/squid/var/cache 10000 16 256
cache_replacement_policy heap LFUDA
visible_hostname mysquid
#Places where Squid's logs will go to.
cache_log /usr/local/squid/var/logs/cache.log
cache_access_log /usr/local/squid/var/logs/access.log
cache_store_log /usr/local/squid/var/logs/store.log
cache_swap_log /usr/local/squid/var/logs/swap.log
#cache_log /var/log/squid/cache.log
#cache_access_log /var/log/squid/access.log
#cache_store_log /var/log/squid/store.log
#cache_swap_log /var/log/squid/swap.log
#How many times to rotate the logs before deleting them.
#See the FAQ for more info.
logfile_rotate 1
redirect_rewrites_host_header off
#cache_replacement_policy GDSF
acl localnet src 192.168.0.0/255.255.252.0
#acl localnet0 src 192.168.0.0/255.255.255.0
#acl localnet1 src 192.168.2.0/255.255.255.0
acl localhost src 127.0.0.1/255.255.255.255
acl Safe_ports port 80 443 210 119 70 20 21 1025-6660
7000-65535
acl sux port 6661-6669
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
acl bokluci2 urlpath_regex -i \.png$ \.mp3$ \.avi$ \.mpg$
\.mpeg$ \.exe$ \.zip$ \.rar$ \.swf$
http_access deny !Safe_ports
http_access deny CONNECT
#http_access deny all
#http_access deny sux
#icp_access deny sux
#http_access deny localnet bokluci2
#http_access deny localnet2 bokluci2
#http_access deny localhost bokluci2
http_access allow localnet
#http_access allow localnet0
#http_access allow localnet1
http_access allow localhost
http_access deny all
icp_access deny !Safe_ports
maximum_object_size 50 MB
#store_avg_object_size 50 KB
#Set these if you want your proxy to work in a transparent
way.
#Transparent proxy means you generally don't have to
configure all
#your client's browsers, but hase some drawbacks too.
#Leaving these uncommented won't do any harm.
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
#all our LAN users will be seen by external web servers
#as if they all used Mozilla on Linux. :)
#anonymize_headers deny User-Agent
#fake_user_agent Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:0.9.6+) Gecko/20011122
#To make our connection even faster, we put two lines
similar
#to the ones below. They will point a parent proxy server
our own Squid
#will use. Don't forget to change the server to the one that
will
#be fastest for you!
#Measure pings, traceroutes and so on.
#Make sure that http and icp ports are correct.
#Uncomment lines beginning with "cache_peer" if necessary.
#This is the proxy you are going to use for all
connections...
#cache_peer proxy.descom.com parent 3128 3130 no-digest
default
#cache_peer proxy.spnet.net parent 3128 3130 no-digest
default
#...except for the connections to addresses and IPs
beginning with "!".
#It's a good idea not to use a higher
#cache_peer_domain w3cache.icm.edu.pl !.pl !7thguard.net
!192.168.1.1
#This is useful when we want to use the Cache Manager.
#Copy cachemgr.cgi to cgi-bin of your www server.
#You can reach it then via a web browser typing
#the address http://your-web-server/cgi-bin/cachemgr...
cache_mgr SQUID
cachemgr_passwd SQUID1S all
#This is a name of a user our Squid will work as.
cache_effective_user squid
cache_effective_group squid
log_icp_queries off
buffered_logs off
tcp_recv_bufsize 0 KB
#####DELAY POOLS
#This is the most important part for shaping incoming
traffic with Squid
#For detailed description see squid.conf file or docs at
http://www.squid-cache.org
#We don't want to limit downloads on our local network.
#acl magic_words1 url_regex -i 192.168
#We want to limit downloads of these type of files
#Put this all in one line
#acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz
.gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso
.raw .wav .mov .html .gif .jpg
#We don't block .html, .gif, .jpg and similar files, because
they
#generally don't consume much bandwidth
#We want to limit bandwidth during the day, and allow
#full bandwidth during the night
#Caution! with the acl below your downloads are likely to
break
#at 23:59. Read the FAQ in this bandwidth if you want to
avoid it.
#acl day time 09:00-08:59
#We have two different delay_pools
#View Squid documentation to get familiar
#with delay_pools and delay_class.
#delay_pools 2
#First delay pool
#We don't want to delay our local traffic.
#There are three pool classes; here we will deal only with
the second.
#First delay class (1) of second type (2).
#delay_class 1 2
#-1/-1 mean that there are no limits.
#delay_parameters 1 -1/-1 -1/-1
#magic_words1: 192.168 we have set before
#delay_access 1 allow magic_words1
#Second delay pool.
#we want to delay downloading files mentioned in
magic_words2.
#Second delay class (2) of second type (2).
#delay_class 2 2
#The numbers here are values in bytes;
#we must remember that Squid doesn't consider start/stop
bits
#5000/150000 are values for the whole network
#5000/120000 are values for the single IP
#after downloaded files exceed about 150000 bytes,
#(or even twice or three times as much)
#they will continue to download at about 5000 bytes/s
#delay_parameters 2 5000/150000 5000/120000
#We have set day to 09:00-23:59 before.
#delay_access 2 allow day
#delay_access 2 deny !day
#delay_access 2 allow magic_words2
та се питам къде бъркам.......
Моля някой да помогне,че вече ужас 2 дена....
|
