Lista O meu objetivo agora é configurar o squid para trabalahar como proxy só que localizado em um computador separado do gateway. Sei como configurar o squid localizado no gateway, o que eu estou querendo fazer é instalar em outro computador. O que eu fiz até agora foi: #: Title : Squid Howto #: Date : 2010-10-19 #: Author : "Caio Abreu Ferreira" <idic_terra.com.br> #: Version : 1.0 #: Description : Servidor Squid #: Options : None #: Reference : #: Technical information gateway 192.168.0.2 servidor 192.168.0.7 # /etc/init.d/firewall.sh (gateway) $IPTABLES -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.0.7:3128 $IPTABLES -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 # aptitude install squid3 (server) # /etc/squid/squid.conf (server) # Port on which connections are redirected http_port 192.168.0.7:3128 transparent cache_dir ufs /var/spool/squid3 100 16 256 cache_mgr root@particula.local cache_effective_user proxy ftp_user root@particula.local # Define the access log format logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt # Log client request activities ('squid' is the name of the log format to use) access_log /var/log/squid3/access.log squid # Log information about the cache's behavior cache_log /var/log/squid3/cache.log # Log the activities of the storage manager cache_store_log /var/log/squid3/store.log # Classes acl all src all # Any IP address acl localhost src 127.0.0.0/8 # Localhost acl lan src 192.168.0.0/24 # LAN where authorized clients reside acl manager proto cache_object # Cache object protocol acl to_localhost dst 127.0.0.0/8 # Requests to localhost acl SSL_ports port 443 # https port acl Safe_ports port 80 21 443 # http, ftp, https ports acl CONNECT method CONNECT # SSL CONNECT method # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # Prevent access to local web applications from remote users http_access deny to_localhost # Allow access from the local network http_access allow lan # Default deny (this must be the last rule) http_access deny all Alguem na lista por acaso já fez algo parecido? Desde já obrigado. -- .''`. Caio Abreu Ferreira : :' : idic@terra.com.br `. `'` Debian User `- Key fingerprint = 97F8 61AC 605F 8A8B 3BA1 D479 8C9A 52E8 6478 601F
Attachment:
signature.asc
Description: Digital signature