Bom dia galerinha,,, Me desculpem por esse tópico, sei que existem varios mas mesmo seguindo vários deles (muitos sem fim) não consegui fazer rodar o SQUID Transparente + IPFW...
Segue abaixo meu squid.conf http_port 3128 visible_hostname firewall redirect_rewrites_host_header off http_port 7.8.9.254:3128 transparent #tamanho do cache na memoria RAM cache_mem 50 MB shutdown_lifetime 3 seconds icp_port 0 #tamanho maximo dos objetos na memoria RAM maximum_object_size_in_memory 64 KB #tamanho maximo do objetos no cache maximum_object_size 20 MB #tamanho minimo do objetos no cache minimum_object_size 0 KB cache_swap_low 90 cache_swap_high 95 #diretorio do cache cache_dir ufs /usr/local/squid/cache 3000 16 256 cache_access_log /usr/local/squid/logs/access.log #atualizacao do cache refresh_pattern ^ftp: 15 20% 2280 refresh_pattern ^gopher: 15 0% 2280 refresh_pattern . 15 20% 2280 #ACLs acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 445 443 441 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 445 443 441 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT acl redeinterna src 7.8.9.0/24 acl admin src 7.8.9.248 #acl restritos dstdom_regex "/usr/local/etc/squid/restritos" acl bloqueados dstdom_regex "/usr/local/etc/squid/bloqueados" acl manha time MTWHF 08:00-12:00 acl tarde time MTWHF 13:30-17:20 #S-Domingo, M-Segunda, T-Ter.a, W-Quarta, H-Quinta, F-Sexta, A-Sabado http_access allow manager localhost http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny manager http_access allow purge localhost http_access deny purge http_access allow localhost http_access allow admin http_access deny bloqueados #http_access deny manha restritos #http_access deny tarde restritos http_access allow redeinterna http_access deny all Agora minhas regras de IPFW: /sbin/ipfw -f flush ipfw add allow tcp from 7.8.9.254 to any 80 # evita loop ipfw add fwd 7.8.9.254,3128 tcp from 7.8.9.0/24 to any 80 E já compilei o Kernel para rodar nat e ipfw... O NAT esta rodando perfeitamente... Não sei se a opção correta é http_port 7.8.9.254:3128 transparent Abraços! -- ThOLOko ThOmaz BeLgine -FrEEBSD- UniX TeaM (LeT's MaKe InStaLL ClEan) ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
