warning squid [RESOLVIDO]

1. warning squid [RESOLVIDO]

Willian Petrocelli Paim
willianpaim

(usa Debian)

Enviado em 22/06/2012 - 10:55h

AMIGOS, ESTOU COM O SEGUINTE ERRO NO MEU SQUID,
2012/06/22 10:49:28| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2012/06/22 10:49:28| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2012/06/22 10:49:28| WARNING: For now we will assume you meant to write /32

SE ALGUEM PUDER ME AJUDAR.
ESTOU POSTANDO AQUI A CONFIGURAÇÃO DO MEU SQUID.CONF
OBRIGADO PELA ATENÇÃO.




# WELCOME TO SQUID 3.0.STABLE19
# ----------------------------
#
# This is the default Squid configuration file. You may wish
# to look at the Squid home page (http://www.squid-cache.org/)
# for the FAQ and other documentation.
#

# OPTIONS FOR AUTHENTICATION
# -----------------------------------------------------------------------------


#Default:
# acl all src all

#Recommended minimum configuration:

acl manager proto cache_object
acl webserver src 10.24.108.5/255.255.255.255
http_access allow manager webserver
http_access deny manager

acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl redelocal src 192.168.0.0/24 # RFC1918 possible internal network
acl redelocal src 10.24.108.0/22 # RFC1918 possible internal network

# Portas Seguras

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 23000 # porta siafi
acl Safe_ports port 8443 # porta siafi
acl Safe_ports port 8999 # porta siafi
acl CONNECT method CONNECT


#Recommended minimum configuration:
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost

#liberar vpn e antivirus
acl serpro dstdomain acesso.serpro.gov.br
acl vpn dstdom_regex "/etc/squid3/vpn"
acl antivirus dstdom_regex "/etc/squid3/antivirus"

always_direct allow serpro
http_access allow vpn
http_access allow antivirus

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
redirect_children 5
redirector_bypass on

#Recommended minimum configuration per scheme:
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/seguranca/usuarios
auth_param basic children 5
auth_param basic realm Proxy 12 CiaComMec
auth_param basic credentialsttl 2 hours

acl autenticados proxy_auth REQUIRED

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks

http_access allow redelocal autenticados
#http_access allow localhost


#bloquear formato de arquivos executaveis: .sh, .exe
acl extban url_regex -i \.exe \.sh \.torrent
http_access deny extban

# Libera sites fora do expediente
acl almoco dstdom_regex "/etc/squid3/squid/almoco"
acl horario1 time 11:30-13:30
acl horario2 time 17:00-23:59
acl horario3 time 00:00-08:00
http_access allow almoco horario1 autenticados
http_access allow almoco horario2 autenticados
http_access allow almoco horario3 autenticados

# Dominios liberados
acl permitidos dstdom_regex "/etc/squid3/squid/permitidos"
http_access allow permitidos autenticados

# Acesso administrativo
acl root proxy_auth admin s2 majbancke capbancke capflaubert
http_access allow root


############## And finally deny all other access to this proxy
####################y
http_access deny all
####################

# NETWORK OPTIONS
#
# Squid normally listens to port 3128
http_port 3128
#Default:
cache_mem 128 MB
maximum_object_size_in_memory 8 KB

#Default:
cache_dir ufs /var/spool/squid3 2000 16 256
minimum_object_size 0 KB
maximum_object_size 4096 KB

#Default:
cache_swap_low 90
cache_swap_high 95

access_log /var/log/squid3/access.log squid
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log

#Suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320


  


2. Re: warning squid [RESOLVIDO]

Renato Freitas
Nanatinho

(usa Debian)

Enviado em 22/06/2012 - 12:47h

Ele está lhe avisando que o padrão a ser usado é o CIDR, por exemplo, para a rede 192.168.1.0 com máscara 255.255.255.0, Você deve espeicificar 192.168.1.0/24.

Para resolver o WARning:
10.24.108.5/255.255.255.255 -> Altere para: 10.24.108.5/32

E sempre utilize este padrão na construção de suas configurações.

Abraço e fique com DEUS!!!





3. warning squid

Willian Petrocelli Paim
willianpaim

(usa Debian)

Enviado em 26/06/2012 - 15:22h

OBRIGADO AMIGO,
ERA ISSO MESMO,
FUNCIONO BLZ.






Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts