Acesso a https, pricipalmente governo lentos [RESOLVIDO]
1. Acesso a https, pricipalmente governo lentos [RESOLVIDO]
removido
(usa Nenhuma)
Enviado em 11/12/2017 - 11:33h
Bom dia Meninos,estou com problema em meu server, o acesso a paginas https, sendo principalmente do governo, estão muito lentos, algum poderia me dar uma dica?
segue meu squid.conf
##########################################
##ARQUIVO DE CONFIGURAÇÃO DO SQUID 3.4.8##
##########################################
# ------------------------
#PORTA DE ACESSO AO PROXY#
http_port 192.168.100.1:5005
visible_hostname Rede-JL
#-------------------------
#PARAMETROS DE AUTENTICAÇÃO#
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/cadastro
auth_param basic children 5
auth_param basic realm JL - Digite seu LOGIN e SENHA de Internet!
auth_param basic credentialsttl 1 hours
auth_param basic casesensitive off
forward_max_tries 50 #Tenta os primeiros 200 ips do endereço
cache_mgr suporte@jl.com.br
error_directory /usr/share/squid/errors/pt-br/
#dns_nameservers 127.0.0.1
cache_mem 4000 MB
half_closed_clients off
maximum_object_size_in_memory 256 KB
maximum_object_size 20 MB
minimum_object_size 10 KB
cache_swap_low 90
cache_swap_high 95
# POLITICAS DE REPOSICAO
memory_replacement_policy heap GDSF
cache_replacement_policy heap LFUDA
cache_mgr not_to_be_disturbed
#FIX
ipcache_low 98
ipcache_high 99
ipcache_size 16378
quick_abort_min -1 KB
quick_abort_max 0 KB
quick_abort_pct 90
memory_pools on
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern -i (/cgi-bin/|\?) 15 0% 2280
refresh_pattern . 15 0% 2280
#-------------------------
cache_effective_user proxy
coredump_dir /var/spool/squid
cache_dir diskd /var/dados/spool/squid/squid0 30000 32 256 Q1=64 Q2=72
cache_dir diskd /var/dados/spool/squid/squid1 30000 32 256 Q1=64 Q2=72
cache_dir diskd /var/dados/spool/squid/squid2 30000 32 256 Q1=64 Q2=72
cache_dir diskd /var/dados/spool/squid/squid3 30000 32 256 Q1=64 Q2=72
cache_dir diskd /var/dados/spool/squid/squid4 30000 32 256 Q1=64 Q2=72
cache_dir diskd /var/dados/spool/squid/squid5 30000 32 256 Q1=64 Q2=72
cache_access_log /var/dados/log/squid/access.log
cache_log /var/dados/log/squid/cache.log
cache_store_log /var/dados/log/squid/store.log
server_persistent_connections off
client_persistent_connections off
## AUTENTICACAO ##
acl usuarios proxy_auth REQUIRED
#http_access allow usuarios
acl purge method PURGE
#http_access allow purge localhost
http_access deny purge
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 80 # http
acl Safe_ports port 81 # http
acl Safe_ports port 82 # http nbs
acl Safe_ports port 85 # http nbs
acl Safe_ports port 210 # wais
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 365 # http-mgmt
acl Safe_ports port 443 # https
acl Safe_ports port 488 # gss-http
acl Safe_ports port 563 # mntps
acl Safe_ports port 591 # filemaker
acl Safe_ports port 631 # filemaker
acl Safe_ports port 633 # cups
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 809 #
acl Safe_ports port 3334 # despachanre
acl Safe_ports port 3456 #Sped Fiscal
acl Safe_ports port 3497 #Sped Fiscal
acl Safe_ports port 8080
acl Safe_ports port 9090
acl Safe_ports port 901 # swat
acl Safe_ports port 1011
acl Safe_ports port 1012
acl Safe_ports port 3050 # bradesco
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 1158
acl Safe_ports port 1088
acl Safe_ports port 1707
acl Safe_ports port 1311
acl Safe_ports port 5001
acl Safe_ports port 4041
acl Safe_ports port 8086
acl Safe_ports port 10000
http_access deny !Safe_ports
acl connect method CONNECT
#http_access deny connect !SSL_ports
#Cache geral
refresh_pattern -i \.index.(html|htm|php|jsp|jsf|js|asp)$ 0 40% 10080
refresh_pattern -i \.(html|htm|css|js|asp|php|jsp|jsf)$ 1440 40% 40320
refresh_pattern -i .(gif|png|jpg|ico|bmp|tiff|jpeg)$ 720 100% 7200 override-expire override-lastmod reload-into-ims ignore-private
refresh_pattern -i .(apk|rpm|deb|exe|msu|zip|tar|xz|bz|bz2|lzma|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf|nth|psd|sis)$ 720 100% 7200 override-expire override-lastmod reload-into-ims ignore-private
refresh_pattern -i .(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 720 100% 7200 override-expire override-lastmod reload-into-ims ignore-private
#Cache windowsupdate
refresh_pattern windowsupdate.com/.*\.(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
refresh_pattern http://www.download.microsoft.com/.*\.(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
refresh_pattern http://www.microsoft.com/.*\.(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
refresh_pattern au.download.windowsupdate.com/.*\.(cab|exe|dll|msi|psf) 4320 100% 43200 reload-into-ims
refresh_pattern download.windowsupdate.com/.*\.(cab|exe|dll|msi|psf) 4320 100% 43200 reload-into-ims
refresh_pattern cache.pack.google.com/.*\.(cab|exe|dll|msi|psf) 4320 100% 43200 reload-into-ims
refresh_pattern http://www.update.microsoft.com/.*\.(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
refresh_pattern wwww.download.windowsupdate.com/.*\.(cab|exe|dll|msi|psf) 10080 100% 43200 reload-into-ims
refresh_pattern -i microsoft.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windowsupdate.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i windows.com/.*\.(cab|exe|ms[i|u|f]|[ap]sf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
refresh_pattern -i .*microsoft\.com/.*\.(cab|exe|msi|msp|octet-stream|vnd.ms-cab-compressed) 129600 100% 129600 override-expire override-lastmod reload-into-ims ignore-reload ignore-private
refresh_pattern -i .*windowsupdate\.com/.*\.(cab|exe|msi|msp|vnd.ms-cab-compressed|octet-stream) 129600 100% 129600 override-expire override-lastmod reload-into-ims ignore-reload ignore-private
refresh_pattern -i .*debian\.com/.*\.(tar|bz|bz2|gpg|gz|zip|deb) 129600 100% 129600 override-expire override-lastmod reload-into-ims ignore-reload ignore-private
refresh_pattern -i .*adobe\.com/.*\.(exe|msi) 129600 100% 129600 override-expire override-lastmod reload-into-ims ignore-reload ignore-private
refresh_pattern ([^.]+.|)avast.com/.*\.(vpu|vpaa|vpx) 4320 100% 43200 reload-into-ims
refresh_pattern ([^.]+.|)kaspersky.com/.*\.(vpu|vpaa|dif|xml|klz|kdc|dat|mft|ewi|pxi|cia|wau|uey|fbo|psn|n5t) 4320 100% 43200 reload-into-ims
########### Cache Videos ###########
refresh_pattern -i \.flv$ 4320 100% 43200 override-expire ignore-private
acl micropower dstdomain .micripower.com.br midia.micropwer.com.br
cache allow micropower
####################################
#####################################################################
#---------------------------
### SERVIDOR TERMINAL SERVER #################################################################
acl acessoserver src "/etc/squid/server/ip_bloqueado"
acl site_server url_regex -i "/etc/squid/server/site_server"
http_access allow site_server
http_access deny acessoserver !site_server
###########################################################
##INICIO DAS REGRAS DE CONTROLE PELO "/etc/squid/"##
###########################################################
acl governo url_regex -i "/etc/squid/sites/governo"
http_access allow governo
acl url_sem_cache url_regex -i "/etc/squid/sites/url_sem_cache"
always_direct allow url_sem_cache
acl bradesco url_regex "/etc/squid/sites/url_bradesco"
http_access allow all bradesco
#Departamento de TI
acl ti proxy_auth "/etc/squid/users/usr_ti"
http_access allow all ti
# BLOQUEIO DE EXTENCOES
#acl extencoes urlpath_regex -i "/etc/squid/extencoes"
#http_access deny extencoes
##############################NIVEL 1##############################
##ENDEREÇOS COM ACESSO IRRESTRÍTO##
acl noproxy url_regex "/etc/squid/sites/url_livre"
http_access allow all noproxy
##############################NIVEL 2##############################
##REGRAS DE USUÁRIOS SEM RESTRIÇÕES##
#Gerentes, marketing e tercerizados
acl livre proxy_auth "/etc/squid/users/usr_livre"
http_access allow all livre
#---------------------------
acl geral proxy_auth "/etc/squid/users/ex_usr/ex_geral"
acl url_geral url_regex "/etc/squid/sites/ex_url/ex_geral"
http_access allow geral url_geral
http_access deny all
bjs :)
Patrocínio
Site hospedado pelo provedor RedeHost.
Destaques
Artigos
Compartilhando a tela do Computador no Celular via Deskreen
Como Configurar um Túnel SSH Reverso para Acessar Sua Máquina Local a Partir de uma Máquina Remota
Configuração para desligamento automatizado de Computadores em um Ambiente Comercial
Dicas
Como renomear arquivos de letras maiúsculas para minúsculas
Imprimindo no formato livreto no Linux
Vim - incrementando números em substituição
Efeito "livro" em arquivos PDF
Como resolver o erro no CUPS: Unable to get list of printer drivers
Tópicos
Vou voltar moderar conteúdos de Dicas e Artigos (1)
SysAdmin ou DevOps: Qual curso inicial pra essa área? (3)
É cada coisa que me aparece! - não é só 3% (3)
Melhorando a precisão de valores flutuantes em python[AJUDA] (5)
Top 10 do mês
-
Xerxes
1° lugar - 67.225 pts -
Fábio Berbert de Paula
2° lugar - 50.863 pts -
Buckminster
3° lugar - 18.053 pts -
Mauricio Ferrari
4° lugar - 15.808 pts -
Alberto Federman Neto.
5° lugar - 14.687 pts -
Diego Mendes Rodrigues
6° lugar - 13.381 pts -
Daniel Lara Souza
7° lugar - 12.976 pts -
edps
8° lugar - 11.471 pts -
Andre (pinduvoz)
9° lugar - 11.110 pts -
Alessandro de Oliveira Faria (A.K.A. CABELO)
10° lugar - 11.090 pts
Scripts
[Python] Automação de scan de vulnerabilidades
[Python] Script para analise de superficie de ataque
[Shell Script] Novo script para redimensionar, rotacionar, converter e espelhar arquivos de imagem
[Shell Script] Iniciador de DOOM (DSDA-DOOM, Doom Retro ou Woof!)
[Shell Script] Script para adicionar bordas às imagens de uma pasta
A maior comunidade GNU/Linux da América Latina! Artigos, dicas, tutoriais, fórum, scripts e muito mais. Ideal para quem busca auto-ajuda.
Site hospedado por:
