Re: [Fwd: Squid plus]

To: Felipe Neuwald <felipe@neuwald.biz>
Cc: Lista Debian <debian-user-portuguese@lists.debian.org>
Subject: Re: [Fwd: Squid plus]
From: Eder Gobbi <edergobbi@gmail.com>
Date: Mon, 20 Mar 2006 17:01:28 -0300
Message-id: <[🔎] 1142884889.22701.9.camel@localhost.localdomain>
In-reply-to: <[🔎] 441F071D.3090908@neuwald.biz>
References: <[🔎] 1142883927.22701.0.camel@localhost.localdomain> <[🔎] 441F071D.3090908@neuwald.biz>

Em Seg, 2006-03-20 às 16:48 -0300, Felipe Neuwald escreveu:
> Eder,
> 
> provavelmente ACLs. Envia teu squid.conf.
> 
> Felipe.

TNX pela resposta.. 

Segue o dito:

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

auth_param ntlm program /bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm use_ntlm_negotiate off
auth_param ntlm children 10
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 5 minutes

auth_param basic program /bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Proxy GUARAPLY
auth_param basic credentialsttl 2 hours

refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

external_acl_type NT_global_group children=10 %
LOGIN /usr/local/squid/libexec/wbinfo_group.pl
acl ProxyUsers external NT_global_group GRS_NET
http_access allow ProxyUsers

acl day time MTWHF 08:00-17:00

acl ProxyUsersMeioDia external NT_global_group GRS_NETD
http_access allow ProxyUsersMeioDia day

redirect_program /sbin/redirector ads audio-video blocked hacking jogos
porn proxy

http_access deny all

http_reply_access allow all

icp_access allow all

coredump_dir /usr/local/squid/var/cache

A situação atual é a seguinte:

Tenho um usuário "eder" dentro do grupo GRS_NET no AD:

 - GRSS003:/etc# getent group GRS_NET
 - GRS_NET:x:10057:eder

Logo com esse usuário em uma estação windows e não consigo navegar. A
resposta vem direto do Squid:

 - Generate Mon, 20 Mar 2009 19:54:56 GMT by
GRSS003.GUARAPLY.GUARARAPES-PLYWOOD.COM.BR
 - (squid/2.5.STABLE12)

E não do Redirector como deveria:

 - Generated by squid-redirector (squid2.5)

Já espremi os miolos até onde podia.. Pesquisei por tudo e não achei
nada... Estou desde sábado neste impasse desgraçado.. :)

Grato
-- 
...
[]'s

        _                    Eder Gobbi - "Woody"
       ^-)                    MSN - gobbix at gmail dot com
        ( . . _                  GoogleTalk - gobbix at gmail dot com
          \ `\\                   Jabber - gobbix at jabber dot com
             |>                       Linux User - #385577 - http://counter.li.org
 ______/|______                 UIN - 161655702                   
       
"Livre? É... Eu sou!!!"

"Se você pensa que pode, ou se pensa que não pode, de qualquer forma
você está certo!" (Henry Ford)

Reply to:

References:
- [Fwd: Squid plus]
  - From: Eder Gobbi <edergobbi@gmail.com>
- Re: [Fwd: Squid plus]
  - From: Felipe Neuwald <felipe@neuwald.biz>

Prev by Date: X11VNC - Mudar Porta e colocar senha inicializando sempre!
Next by Date: RapidSVN
Previous by thread: Re: [Fwd: Squid plus]
Next by thread: X11VNC - Mudar Porta e colocar senha inicializando sempre!
Index(es):
- Date
- Thread