JoeBala
(usa Outra)
Enviado em 23/12/2011 - 15:18h
Alguém pode por favor me dá uma luz. Sou calouro em squid!!!
Já verifiquei o arquivo ncsa_auth e o passwd. A princípio estão íntegros e no local correto. Qual pode ser a causa dele não querer autenticar??? usuário navega normal com as mesmas regras que separei por ip, pois não pede pra autenticar.
Debian com Squid3
Meu squid.conf
----------------------------------------------------------------------------------------------
http_port 3128 transparent
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
auth_param basic children 5
auth_param basic realm Digite seu usuario e senha
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
visible_hostname forumti
cache_mgr webmaster@localhost
error_directory /usr/share/squid3/errors/Portuguese
hierarchy_stoplist cgi-bin ?
cache_mem 32 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 100 MB
cache_dir ufs /var/spool/squid3 2040 16 256
refresh_pattern ^ftp: 360 20% 10080
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
access_log /var/log/squid3/access.log
acl localhost src 127.0.0.1/32
acl localnet src 10.30.0.0/16
#TI
acl user_free src "/etc/squid3/user_free"
http_access allow user_free
#Autentica
acl usuarios proxy_auth REQUIRED
http_access allow usuarios
#Superintendentes e Gerentes
acl user_chefia src "/etc/squid3/user_chefia"
#Marketing e Merchandising
acl user_social src "/etc/squid3/user_social"
#Operacional
acl user_operacional src "/etc/squid3/user_operacional"
#Administrativo
acl user_administrativo src "/etc/squid3/user_administrativo"
#Financeiro
acl user_financeiro src "/etc/squid3/user_financeiro"
#usuario Download
acl user_download src "/etc/squid3/user_download"
#usuario msn
acl user_msn src "/etc/squid3/user_msn"
#sites excessao
acl unblockedsites url_regex -i "/etc/squid3/unblock"
#horario de acesso
acl almoco time MTWHF 13:00-14:00
http_access deny almoco user_operacional
http_access allow localnet almoco
acl free time MTWHFSA 07:00-09:00
http_access allow localnet free
acl manager proto cache_object
http_access allow manager localhost
http_access deny manager
#controle download
acl download url_regex -i "/etc/squid3/extensions"
http_access allow download user_download
http_access deny download !unblockedsites
#controle de banda
delay_pools 2
#sem restricao de banda
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow user_free
#restricao banda geral
delay_class 2 2
delay_parameters 2 20000/20000 20000/20000
delay_access 2 allow all
#Bloqueio MSN
acl msn url_regex -i /gateway/gateway.dll
http_access allow msn user_social
http_access allow msn user_chefia
http_access deny msn !user_msn
acl purge method PURGE
http_access allow purge localhost
http_access deny purge
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 80 # http
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 443 # https
acl Safe_ports port 488 # gss-http
acl Safe_ports port 563 # mntps
acl Safe_ports port 591 # filemaker
acl Safe_ports port 633 # cups
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # swat
acl Safe_ports port 1025-65535 # unregistered ports
http_access deny !Safe_ports
acl connect method CONNECT
acl ssl_ports port 443 # https
acl ssl_ports port 563 # mntps
acl ssl_ports port 873 # rsync
http_access deny connect !SSL_ports
#url dominio bloqueados
acl domains dstdomain "/etc/squid3/domains"
http_access deny domains !unblockedsites
#palavras bloqueadas
acl words url_regex -i "/etc/squid3/words"
http_access deny words !unblockedsites
#extension blocked
acl extensions urlpath_regex -i "/etc/squid3/extensions"
http_access allow extensions user_download
http_access deny extensions !unblockedsites
#Bloqueio porta 443 https
acl https port 443
http_access allow https user_chefia
http_access allow https user_social
http_access allow https user_msn
http_access deny https !unblockedsites
http_access allow localnet
http_access allow localhost
http_access deny all
----------------------------------------------------------------------------------------------