Начало Вход/Регистрация Помощ Tazi stranica s latinski bukwi
Области
 Новини
 Актуална тема
 Linux портали
 Какво е Линукс?
 Въпроси-отговори
 Форуми
   •Трудова борса
   •Конкурс
 Статии
 Дистрибуции
   •Поръчка на CD
 Made In BG
 Файлове
 Връзки
 Галерия
 Конференции
Настройки
 Външен вид
 Предложения
 Направи си сам
И още ...
 За нас
 Линукс за българи ЕООД
 Линк към нас
 Предложения

Подкрепяно от:
TelePoint - Място за хора със свободни идеи

SiteGround

initLab

Adsys Group

SAP Bulgaria

Въпроси отговори
Въпрос: squid на кой интерфейс
[Търси: ]

ВНИМАНИЕ: Използвайте форумите на сайта за дa зададете вашите въпроси.

Към началото |Добави въпрос |Отговори
 
Въпрос
От: Иван Дата: 10/02/2006
 На кой интерфейс трябва да редиректва на локалния или
външния???


Отговор #1
От: Иван Дата: 10/02/2006
 Това го оправих,но сега се сблъслак с друг проблем, а
именно:
 Всичко работи уж нормално, squid-a стартира без никакви
 грешки и в лога няма грешки, редиректвам към порт 3128 така:
 iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 8080 -j
REDIRECT --to-port 3128 
Скуида слуша на тази порт: 
 tcp        0      0 *:3128                  *:*             
       LISTEN

НО!!!
 Няма http, имам скайп имам всичко работещо различно от порт
80.....
Къде е грешката?????
squid.conf:

#squid.conf
 #Every option in this file is very well documented in the
original squid.conf file
 #and on
http://www.visolve.com/squidman/Configu...
  
#
#The ports our Squid will listen on.
http_port 3128
icp_port 3130
#cgi-bins will not be cached.
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
 #Memory the Squid will use. Well, Squid will use far more
than that.
cache_mem 64 MB
#250 means that Squid will use 250 megabytes of disk space.
cache_dir ufs /usr/local/squid/var/cache 10000 16 256
cache_replacement_policy heap LFUDA
visible_hostname mysquid
    
#Places where Squid's logs will go to.
cache_log /usr/local/squid/var/logs/cache.log
cache_access_log /usr/local/squid/var/logs/access.log
cache_store_log /usr/local/squid/var/logs/store.log
cache_swap_log /usr/local/squid/var/logs/swap.log

#cache_log /var/log/squid/cache.log
#cache_access_log /var/log/squid/access.log
#cache_store_log /var/log/squid/store.log
#cache_swap_log /var/log/squid/swap.log

#How many times to rotate the logs before deleting them.
#See the FAQ for more info.
logfile_rotate 1
    
redirect_rewrites_host_header off
#cache_replacement_policy GDSF
acl localnet src 192.168.0.0/255.255.252.0
#acl localnet0 src 192.168.0.0/255.255.255.0
#acl localnet1 src 192.168.2.0/255.255.255.0
acl localhost src 127.0.0.1/255.255.255.255
 acl Safe_ports port 80 443 210 119 70 20 21 1025-6660
7000-65535
acl sux port 6661-6669
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
 acl bokluci2 urlpath_regex -i \.png$ \.mp3$ \.avi$ \.mpg$
\.mpeg$ \.exe$ \.zip$ \.rar$ \.swf$

http_access deny !Safe_ports
http_access deny CONNECT
#http_access deny all
#http_access deny sux
#icp_access deny sux
#http_access deny localnet bokluci2
#http_access deny localnet2 bokluci2
#http_access deny localhost bokluci2
http_access allow localnet
#http_access allow localnet0
#http_access allow localnet1
http_access allow localhost
http_access deny all
icp_access deny !Safe_ports
maximum_object_size 50 MB
#store_avg_object_size 50 KB

 #Set these if you want your proxy to work in a transparent
way.
 #Transparent proxy means you generally don't have to
configure all
#your client's browsers, but hase some drawbacks too.
#Leaving these uncommented won't do any harm.
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

#all our LAN users will be seen by external web servers
#as if they all used Mozilla on Linux. :)
#anonymize_headers deny User-Agent
 #fake_user_agent Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:0.9.6+) Gecko/20011122

 #To make our connection even faster, we put two lines
similar
 #to the ones below. They will point a parent proxy server
our own Squid
 #will use. Don't forget to change the server to the one that
will
#be fastest for you!
#Measure pings, traceroutes and so on.
#Make sure that http and icp ports are correct.

#Uncomment lines beginning with "cache_peer" if necessary.
 #This is the proxy you are going to use for all
connections...
 #cache_peer proxy.descom.com parent 3128 3130 no-digest
default
 #cache_peer proxy.spnet.net parent 3128 3130 no-digest
default
 #...except for the connections to addresses and IPs
beginning with "!".
#It's a good idea not to use a higher
 #cache_peer_domain w3cache.icm.edu.pl !.pl !7thguard.net
!192.168.1.1

#This is useful when we want to use the Cache Manager.
#Copy cachemgr.cgi to cgi-bin of your www server.
#You can reach it then via a web browser typing
#the address http://your-web-server/cgi-bin/cachemgr...
cache_mgr SQUID
cachemgr_passwd SQUID1S all

#This is a name of a user our Squid will work as.
cache_effective_user squid
cache_effective_group squid

log_icp_queries off
buffered_logs off
tcp_recv_bufsize 0 KB

#####DELAY POOLS
 #This is the most important part for shaping incoming
traffic with Squid
 #For detailed description see squid.conf file or docs at
http://www.squid-cache.org
#We don't want to limit downloads on our local network.

#acl magic_words1 url_regex -i 192.168

#We want to limit downloads of these type of files
#Put this all in one line
 #acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz
 .gz .rpm .zip .rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso
.raw .wav .mov .html .gif .jpg

 #We don't block .html, .gif, .jpg and similar files, because
they
#generally don't consume much bandwidth

#We want to limit bandwidth during the day, and allow
#full bandwidth during the night
 #Caution! with the acl below your downloads are likely to
break
 #at 23:59. Read the FAQ in this bandwidth if you want to
avoid it.
#acl day time 09:00-08:59

#We have two different delay_pools
#View Squid documentation to get familiar
#with delay_pools and delay_class.
#delay_pools 2

#First delay pool
#We don't want to delay our local traffic.
 #There are three pool classes; here we will deal only with
the second.
#First delay class (1) of second type (2).
#delay_class 1 2

#-1/-1 mean that there are no limits.
#delay_parameters 1 -1/-1 -1/-1

#magic_words1: 192.168 we have set before
#delay_access 1 allow magic_words1


#Second delay pool.
 #we want to delay downloading files mentioned in
magic_words2.
#Second delay class (2) of second type (2).
#delay_class 2 2

#The numbers here are values in bytes;
 #we must remember that Squid doesn't consider start/stop
bits
#5000/150000 are values for the whole network
#5000/120000 are values for the single IP
#after downloaded files exceed about 150000 bytes,
#(or even twice or three times as much)
#they will continue to download at about 5000 bytes/s

#delay_parameters 2 5000/150000 5000/120000
#We have set day to 09:00-23:59 before.
#delay_access 2 allow day
#delay_access 2 deny !day
#delay_access 2 allow magic_words2

та се питам къде бъркам.......
Моля някой да помогне,че вече ужас 2 дена....


Отговор #2
От: mutant Дата: 10/02/2006
защо редиректваш порт 8080 ? tcp --dport 8080 
трябва да редиректваш порт 80 tcp --dport 80



Отговор #3
От: Иван Дата: 10/02/2006
 Правописна грешка повторил съм го.Не редиректвам си към 80
ама не става...Просто тук съм го написал 2-пъти..


Отговор #4
От: plamen Дата: 10/02/2006
Защо даваш само достъп от локалния хост ?


Отговор #5
От: Иван Дата: 10/02/2006
A kak trqbva da se napravi....


<< update from CD (0 ) | different hardware profiles for Mandrake (0 ) >>

 
© 2011-... Асоциация "Линукс за българи"
© 2007-2010 Линукс за българи ЕООД
© 1999-2006 Slavej Karadjov
Ако искате да препечатате или цитирате информация от този сайт прочетете първо това
Външния вид е направен от MOMCHE
Code Version: 1.0.8 H (Revision: 23-09-2011)
 
Изпълнението отне: 0 wallclock secs ( 0.05 usr + 0.01 sys = 0.06 CPU)