Squid otimizado? [RESOLVIDO]

1. Squid otimizado? [RESOLVIDO]

eduardo_jst
(usa Slackware)

Enviado em 03/05/2011 - 08:53h

Bom dia galera, eu montei um squid a partir de pesquisas aqui na comu, usando dicas e exemplos do pessoal nota 10 daqui, mas apesar de tudo continuo pesquisando e preciso de ajuda, minha net ta lenta, tenho um link de 2 mb e partir do meu conf, será que vcs podem me ajudar a corrigir os erros deste conf, fazer uma cache de paginas legal, cache de videos, e outras coisas vinda net.
enfim podem me dar um help e dizer onde estou errando?

conf: # ******** Proxy CPD COTAC *****************************
# [ Configuração de Portas e Nomes ]
http_port 192.168.10.1:1829
icp_port 3130
visible_hostname liesch-proxy
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache_dir ufs /var/spool/squid 256 20 384
cache_mem 256 MB

# [ Melhoramento do Sistema e Cache ]
maximum_object_size 1024 MB
minimum_object_size 10 KB
cache_swap_low 50
cache_swap_high 90
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
error_directory /usr/share/squid/errors/Portuguese
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

refresh_pattern -i exe$ 0 50% 999999
refresh_pattern -i zip$ 0 50% 999999
refresh_pattern -i flv$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i swf$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i cab$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i nup$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i ver$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims
refresh_pattern -i rar$ 0 50% 999999 ignore-reload override-lastmod override-expire reload-into-ims

# [ Autenticação de Usuários ]
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/users/usuarios
auth_param basic children 5
auth_param basic realm CPD COTAC - ENTRE COM SEU LOGIN E SENHA :
auth_param basic credentialsttl 1 hours
auth_param basic casesensitive off

# [ Controle de Acessos ]
acl all src 0.0.0.0/0.0.0.0
delay_pools 4
delay_class 1 2
delay_parameters 1 194688/194688 39768/39768
delay_access 1 allow all
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8

# [ Controle de Acessos - Safe Ports ]
acl Safe_ports port 21
acl Safe_ports port 70
acl Safe_ports port 80
acl Safe_ports port 81
acl Safe_ports port 83
acl Safe_ports port 210
acl Safe_ports port 280
acl Safe_ports port 443
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 631
acl Safe_ports port 809
acl Safe_ports port 873
acl Safe_ports port 1025
acl Safe_ports port 2080
acl Safe_ports port 8080

# [ Controle de Acessos - SSL Ports ]
acl SSL_ports port 443 563
acl SSL_ports port 873
acl purge method PURGE
acl CONNECT method CONNECT
no_cache deny QUERY

# [ Controle de Acessos - Http Access ]
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny to_localhost

# ACLs Personalizadas - Controle de acessos somente com usuarios
acl rede_interna src 10.2.111.0/24
acl usuarios proxy_auth /etc/squid/users/usuarios

# Controle de acessos gerais
acl governo dstdomain "/etc/squid/regras/governo"
http_access allow governo

acl sitesgm dstdomain "/etc/squid/regras/sitesgm"
http_access allow sitesgm

acl hadouken url_regex .*brsbags*
tcp_outgoing_address 192.168.10.1 hadouken

# ---- Usuarios com acesso livre
acl acesso_livre proxy_auth "/etc/squid/regras/usr_livre"
http_access allow acesso_livre

#
# --- Usuarios controlados por sites bloqueados
#
#acl acesso_restrito proxy_auth "/etc/squid/regras/usr_restrito"
#acl url_bloqueado url_regex -i "/etc/squid/regras/url_bloqueado"

#
#http_access deny url_bloqueado
#http_access allow acesso_restrito !url_bloqueado
#

#***** Usuarios com acesso somente aos sites liberados
#
#acl acesso_bloqueado proxy_auth "/etc/squid/regras/usr_bloqueado"
#acl url_liberado url_regex -i "/etc/squid/regras/url_liberado"
#
#http_access allow url_liberado
#http_access deny acesso_bloqueado !url_liberado
#

# Bloqueio de extencoes
acl acesso_extencao proxy_auth "/etc/squid/regras/usr_extencao
acl conteudo url_regex -i "/etc/squid/regras/conteudo"
#
http_access deny conteudo
http_access allow acesso_extencao !conteudo

# IP LIVRE
acl iplivre src "/etc/squid/regras/iplivre"

# Regra para bloqueio de extensões de rádios online / arquivos de streaming:
acl streaming rep_mime_type ^video/x-ms-asf

acl proibir_musica urlpath_regex -i \.aif$ \.aifc$ \.aiff$ \.asf$ \.asx$ \.avi$ \.au$ \.m3u$ \.med$ \.mp3$ \.m1v$ \.mp2$ \.mp2v$ \.mpa$ \.mov$ \.mpe$ \.mpg$ \.mpeg$ \.ogg$ \.pls$ \.ram$ \.ra$ \.ram$ \.snd$ \.wma$ \.wmv$ \.wvx$ \.mid$ \.midi$ \.rmi$

http_access deny proibir_musica
http_reply_access deny streaming

acl palavras-block url_regex -i "/etc/squid/regras/palavras-block.conf"
http_access deny palavras-block

########## Cache Videos ###########
refresh_pattern -i .flv$ 10080 90% 999999 ignore-no-cache override-expire ignore-private
acl pulsarchverolet dstdomain "/etc/squid/regras/pulsar/pulsarchevrolet"
cache_access allow usuarios pulsarchevrolet
################################

# Controle de Banda
# ACLs de controle por kbps
#acl bandabaixa proxy_auth "/etc/squid/regras/banda/userbandabaixa"
#acl bandamedia proxy_auth "/etc/squid/regras/banda/userbandamedia"
#acl bandaalta proxy_auth "/etc/squid/regras/banda/userbandaalta"
#acl bandaalta src "/etc/squid/regras/banda/ipbandaalta"
#
# bandabaixa - 128 kbps
# bandamedia - 256 kbps
# bandaalta - 512 kbps

# Delay Pools
# Numeros de conexões e banda
#delay_pools 3
#delay_class 1 2
#delay_class 2 2
#delay_class 3 2

#delay_access 1 allow bandabaixa
#delay_access 2 allow bandamedia
#delay_access 3 allow bandaalta

# Calculo para determinar velocidades
#delay_parameters 1 -1/-1 13000/13000
#delay_parameters 2 -1/-1 25000/25000
#delay_parameters 3 -1/-1 52000/52000

#### Grupos de usuarios #################################################
#
# Grupo vendas
acl grupovendas proxy_auth "/etc/squid/regras/grupos/vendas/usr_vendas"
acl url_liberado_vendas url_regex -i "/etc/squid/regras/grupos/vendas/url_liberado_vendas"
#
http_access allow url_liberado_vendas
http_access deny grupovendas !url_liberado_vendas
http_access allow usuarios grupovendas
#
# Grupo TEC
acl grupotec proxy_auth "/etc/squid/regras/grupos/tec/usr_tec"
acl url_liberado_tec url_regex -i "/etc/squid/regras/grupos/tec/url_liberado_tec"
#
http_access allow url_liberado_tec
http_access deny grupotec !url_liberado_tec
http_access allow usuarios grupotec
#
# Grupo Servicos
acl gruposervicos proxy_auth "/etc/squid/regras/grupos/servicos/usr_servicos"
acl url_liberado_servicos url_regex -i "/etc/squid/regras/grupos/servicos/url_liberado_servicos"
#
http_access allow url_liberado_servicos
http_access deny gruposervicos !url_liberado_servicos
http_access allow usuarios gruposervicos
#
# Grupo adm
acl grupoadm proxy_auth "/etc/squid/regras/grupos/adm/usr_adm"
acl url_liberado_adm url_regex -i "/etc/squid/regras/grupos/adm/url_liberado_adm"
#
http_access allow url_liberado_adm
http_access deny grupoadm !url_liberado_adm
http_access allow usuarios grupoadm

##### teste usuario a usuario
acl suporte proxy_auth "/etc/squid/teste/usr_cpd01"
acl url_liberado_cpd01 url_regex -i "/etc/squid/teste/url_liberado_cpd01"
#
http_access allow url_liberado_cpd01
http_access deny suporte !url_liberado_cpd01
http_access allow usuarios suporte

##### usuario eduardocastro
acl eduardocastro proxy_auth "/etc/squid/regras/usuarios/eduardocastro/usr_eduardocastro"
acl url_liberado_eduardocastro url_regex -i "/etc/squid/regras/usuarios/eduardocastro/url_liberado_eduardocastro"
#
http_access allow url_liberado_eduardocastro
http_access deny eduardocastro !url_liberado_eduardocastro
http_access allow usuarios eduardocastro

#### usuario kamila vendas diretas
acl kamila proxy_auth "/etc/squid/regras/usuarios/kamila/usr_kamila"
acl url_liberado_kamila url_regex -i "/etc/squid/regras/usuarios/kamila/url_liberado_kamila"
#
http_access allow url_liberado_kamila
http_access deny kamila !url_liberado_kamila
http_access allow usuarios kamila
#
#
http_access allow usuarios acesso_livre
#http_access allow usuarios acesso_restrito
#http_access allow usuarios acesso_bloqueado
http_access allow usuarios acesso_extencao
#http_access allow usuarios suportecpd

##Acesso nota fiscal eletronica
acl nfe dstdomain "/etc/squid/regras/nfe"
http_access allow nfe

http_access deny !rede_interna
http_access allow rede_interna
http_access deny all
icp_access allow all
#
cache_mgr webmaster
visible_hostname srvcpdmogi
http_port 1829

0 0

Quote

2. Squid otimizado?

eduardo_jst
(usa Slackware)

Enviado em 03/05/2011 - 08:54h

Ah!!! porq esta dando essas msg nos comentarios?

squid -k reconfigure
2011/05/03 08:56:59| parseConfigFile: squid.conf:1 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:2 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:11 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:24 unrecognized: ' #refresh_pattern'
2011/05/03 08:56:59| parseConfigFile: squid.conf:25 unrecognized: ' #refresh_pattern'
2011/05/03 08:56:59| parseConfigFile: squid.conf:26 unrecognized: ' #refresh_pattern'
2011/05/03 08:56:59| parseConfigFile: squid.conf:27 unrecognized: ' #refresh_pattern'
2011/05/03 08:56:59| parseConfigFile: squid.conf:28 unrecognized: ' #3refresh_pattern'
2011/05/03 08:56:59| parseConfigFile: squid.conf:29 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:30 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:31 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:33 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:40 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:50 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:68 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:75 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:86 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:90 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:101 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:105 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:106 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:107 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:108 unrecognized: ' #acl'
2011/05/03 08:56:59| parseConfigFile: squid.conf:109 unrecognized: ' #acl'
2011/05/03 08:56:59| parseConfigFile: squid.conf:111 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:112 unrecognized: ' #http_access'
2011/05/03 08:56:59| parseConfigFile: squid.conf:113 unrecognized: ' #http_access'
2011/05/03 08:56:59| parseConfigFile: squid.conf:114 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:116 unrecognized: ' #*****'
2011/05/03 08:56:59| parseConfigFile: squid.conf:117 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:118 unrecognized: ' #acl'
2011/05/03 08:56:59| parseConfigFile: squid.conf:119 unrecognized: ' #acl'
2011/05/03 08:56:59| parseConfigFile: squid.conf:120 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:121 unrecognized: ' #http_access'
2011/05/03 08:56:59| parseConfigFile: squid.conf:122 unrecognized: ' #http_access'
2011/05/03 08:56:59| parseConfigFile: squid.conf:123 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:125 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:128 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:132 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:135 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:146 unrecognized: ' ###########'
2011/05/03 08:56:59| parseConfigFile: squid.conf:147 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:148 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:149 unrecognized: ' #'
2011/05/03 08:56:59| parseConfigFile: squid.conf:150 unrecognized: ' ################################'

0 0

Quote