Estrutura de Squid.conf [RESOLVIDO]

jessicaribeiro
(usa Debian)

Enviado em 20/06/2011 - 11:00h

Bom dia a todos!

estou criando uma nova estrutura de conf para um servidor Proxy, já criei os arquivos necessarios para bloqueados e liberados porem não sei como devo estrurar meu AD para que a autenticação seja feita com exito;

segue alerta quando reinicio o serviço do squid3 e mais abaixo meu squid conf;

root@spsrvprx:/etc/squid3# /etc/init.d/squid3 restart
Restarting Squid HTTP Proxy 3.x: squid3cd: 144: can't cd to /var/cache/squid
2011/06/20 10:39:47| aclParseAccessLine: squid.conf line 86: http_access alow liberados
2011/06/20 10:39:47| aclParseAccessLine: expecting 'allow' or 'deny', got 'alow'.
2011/06/20 10:39:47| aclParseAccessLine: squid.conf line 87: http_access alow bloqueados
2011/06/20 10:39:47| aclParseAccessLine: expecting 'allow' or 'deny', got 'alow'.


## Squid Conf

1 http_port 172.20.0.13:3128
2
3 hierarchy_stoplist cgi-bin ?
4 acl QUERY urlpath_regex cgi-bin \?
5 acl apache rep_header Server ^Apache
6 error_directory /usr/share/squid3/errors/Portuguese
7 #error_directory /var/www/warning_proxy
8 hosts_file /etc/hosts
9
10 refresh_pattern ^ftp: 1440 20% 10080
11 refresh_pattern ^gopher: 1440 0% 1440
12 refresh_pattern . 0 20% 4320
13
14 access_log /var/log/squid/access.log squid
15 cache_dir ufs /var/cache/squid 1000 16 256
16 cache_mem 256 MB
17 maximum_object_size_in_memory 100 KB
18 maximum_object_size 1024 MB
19 minimum_object_size 0 KB
20 cache_swap_low 90
21 cache_swap_high 95
22 ipcache_size 2048
23 ipcache_low 90
24 ipcache_high 95
25 fqdncache_size 2048
26
27 #acl all src 0.0.0.0/0.0.0.0
28 acl minharede src 172.20.0.0/24
29 acl manager proto cache_object
30 acl localhost src 127.0.0.1/32
31 acl to_localhost dst 127.0.0.0/8
32 acl SSL_ports port 443 # https
33 acl SSL_ports port 563 # snews
34 acl SSL_ports port 873 # rsync
35 acl Safe_ports port 80 # http
36 acl Safe_ports port 21 # ftp
37 acl Safe_ports port 443 # https
38 acl Safe_ports port 70 # gopher
39 acl Safe_ports port 210 # wais
40 acl Safe_ports port 1025-65535 # unregistered ports
41 acl Safe_ports port 280 # http-mgmt
42 acl Safe_ports port 488 # gss-http
43 acl Safe_ports port 591 # filemaker
44 acl Safe_ports port 777 # multiling http
45 acl Safe_ports port 631 # cups
46 acl Safe_ports port 873 # rsync
47 acl Safe_ports port 901 # SWAT
48 acl Safe_ports port 4081 # NewAge
49 acl Safe_ports port 389
50 acl Safe_ports port 990
51 acl Safe_ports port 992
52 acl Safe_ports port 993
53 acl Safe_ports port 1718
54 acl Safe_ports port 1719
55 acl Safe_ports port 1731
56 acl Safe_ports port 3230
57 acl Safe_ports port 3231
58 acl Safe_ports port 3232
59 acl Safe_ports port 3233
60 acl Safe_ports port 3234
61 acl Safe_ports port 3235
62 acl Safe_ports port 5001
63 acl Safe_ports port 5060
64 acl Safe_ports port 8080
65 #acl Safe_ports port 8083 # citrix
66 #acl Safe_ports port 3390 # citrix
67 #acl Safe_ports port 1494 # citrix
68 acl purge method PURGE
69 acl CONNECT method CONNECT
70
71 #Linha para autenticaç de usuáos via protocolo ntlm
72 auth_param ntlm program /usr/bin/ntlm_auth TILAB\spsrvdc01 --helper-protocol=squid-2.5-ntlmssp
73 auth_param ntlm children 30
74 auth_param basic program /usr/bin/ntlm_auth TILAB\spsrvdc01 --helper-protocol=squid-2.5-basic
75 auth_param basic children 5
76 auth_param basic realm Squid proxy-caching web server
77 auth_param basic credentialsttl 2 hours
78 acl auth proxy_auth REQUIRED
79
80 # Autenticacao AD
81 external_acl_type wbinfo_group %LOGIN /usr/lib/squid3/wbinfo_group.pl
82
83 acl bloqueados url_regex -i "/etc/squid3/regras/bloqueados.txt"
84 acl liberados url_regex -i "/etc/squid3/regras/liberados.txt"
85
86 http_access alow liberados
87 http_access alow bloqueados
88 http_access allow manager localhost
89 http_access deny manager
90 http_access allow purge localhost
91 http_access deny purge
92 http_access deny !Safe_ports
93 http_access deny CONNECT !SSL_ports
94 http_access allow localhost
95 http_access deny all
96 icp_access deny all
97
98
99 cache_effective_group proxy
100 cache_access_log /var/log/squid3/access.log
101 cache_dir ufs /var/spool/squid3 2048 16 256
102 coredump_dir /var/spool/squid3
103
104 visible_hostname SPSRVPRX


Valeu Galera!

fs.schmidt
(usa CentOS)

Enviado em 20/06/2011 - 11:07h

Os alteras são sobre erro no parametro "allow"..você apenas esqueceu um "l":

86 http_access alow liberados
87 http_access alow bloqueados

PARA

86 http_access allow liberados
87 http_access allow bloqueados

jessicaribeiro
(usa Debian)

Enviado em 20/06/2011 - 13:34h

Muito obrigada era isso mesmo;

agora só preciso ajustar esses grupos no AD e tá tudo certo!

me perdoem a ignorancia mas sozinha iria ser dificil perceber que era esse o problema;

Valeu!