Caros, boa tarde. Estou em um impasse aqui e gostaria da atenção dos amigos para poder solucionar.
Instalei um pfSense 2.1 em um cliente e tudo corre bem, exceto algumas configurações do squidGuard, que são aplicadas somente no IE e no chrome o navegador nem sai do lugar. O proxy é transparente e deveria funcionar como funciona em outros clientes que tenho, mas este em especial está me tirando o sono. -------------------------------------- squid.conf -------------------------------------- # Do not edit manually ! http_port 192.168.0.1:3128 http_port 127.0.0.1:3128 transparent icp_port 0 pid_filename /var/run/squid.pid cache_effective_user proxy cache_effective_group proxy error_directory /usr/pbi/squid-amd64/etc/squid/errors/Portuguese icon_directory /usr/pbi/squid-amd64/etc/squid/icons visible_hostname gateway.enderecodocliente.com cache_mgr [email protected] access_log /var/squid/logs/access.log cache_log /var/squid/logs/cache.log cache_store_log none logfile_rotate 3 shutdown_lifetime 3 seconds # Allow local network(s) on interface(s) acl localnet src 192.168.0.0/255.255.255.0 httpd_suppress_version_string on uri_whitespace strip cache_mem 8 MB maximum_object_size_in_memory 32 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir ufs /var/squid/cache 100 16 256 minimum_object_size 0 KB maximum_object_size 10 KB offline_mode off # No redirector configured # Setup some default acls acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 3128 1025-65535 2008 2011 2017 5017 acl sslports port 443 563 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT acl dynamic urlpath_regex cgi-bin ? acl allowed_subnets src 192.168.0.0/24 cache deny dynamic http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports # Always allow localhost connections http_access allow localhost request_body_max_size 0 KB reply_body_max_size 0 deny all delay_pools 1 delay_class 1 2 delay_parameters 1 -1/-1 -1/-1 delay_initial_bucket_level 100 delay_access 1 allow all # Custom options redirect_program /usr/pbi/squidguard-amd64/bin/squidGuard -c /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf redirector_bypass off url_rewrite_children 5 # Setup allowed acls # Allow local network(s) on interface(s) http_access allow allowed_subnets http_access allow localnet # Default block all to be sure http_access deny all --------------------------------- squidGuard.conf --------------------------------- # ============================================================ # SquidGuard configuration file # This file generated automaticly with SquidGuard configurator # (C)2006 Serg Dvoriancev # email: [email protected] # ============================================================ logdir /var/squidGuard/log dbhome /var/db/squidGuard # Bloqueios time Block_dia { weekly * 07:50-12:15 weekly * 13:15-18:05 } # Acesso Diretoria src Diretoria { log block.log } # Funcionarios src Funcionarios { ip 192.168.0.29 ip 192.168.0.19 ip 192.168.0.21 ip 192.168.0.27 ip 192.168.0.25 ip 192.168.0.33 ip 192.168.0.22 ip 192.168.0.30 ip 192.168.0.23 ip 192.168.0.20 ip 192.168.0.35 log block.log } # dest blk_BL_adv { domainlist blk_BL_adv/domains urllist blk_BL_adv/urls log block.log } # dest blk_BL_aggressive { domainlist blk_BL_aggressive/domains urllist blk_BL_aggressive/urls log block.log } # dest blk_BL_alcohol { domainlist blk_BL_alcohol/domains urllist blk_BL_alcohol/urls log block.log } # dest blk_BL_anonvpn { domainlist blk_BL_anonvpn/domains urllist blk_BL_anonvpn/urls log block.log } # dest blk_BL_automobile_bikes { domainlist blk_BL_automobile_bikes/domains urllist blk_BL_automobile_bikes/urls log block.log } # dest blk_BL_automobile_boats { domainlist blk_BL_automobile_boats/domains urllist blk_BL_automobile_boats/urls log block.log } # dest blk_BL_automobile_cars { domainlist blk_BL_automobile_cars/domains urllist blk_BL_automobile_cars/urls log block.log } # dest blk_BL_automobile_planes { domainlist blk_BL_automobile_planes/domains urllist blk_BL_automobile_planes/urls log block.log } # dest blk_BL_chat { domainlist blk_BL_chat/domains urllist blk_BL_chat/urls log block.log } # dest blk_BL_costtraps { domainlist blk_BL_costtraps/domains urllist blk_BL_costtraps/urls log block.log } # dest blk_BL_dating { domainlist blk_BL_dating/domains urllist blk_BL_dating/urls log block.log } # dest blk_BL_downloads { domainlist blk_BL_downloads/domains urllist blk_BL_downloads/urls log block.log } # dest blk_BL_drugs { domainlist blk_BL_drugs/domains urllist blk_BL_drugs/urls log block.log } # dest blk_BL_dynamic { domainlist blk_BL_dynamic/domains urllist blk_BL_dynamic/urls log block.log } # dest blk_BL_education_schools { domainlist blk_BL_education_schools/domains urllist blk_BL_education_schools/urls log block.log } # dest blk_BL_finance_banking { domainlist blk_BL_finance_banking/domains urllist blk_BL_finance_banking/urls log block.log } # dest blk_BL_finance_insurance { domainlist blk_BL_finance_insurance/domains urllist blk_BL_finance_insurance/urls log block.log } # dest blk_BL_finance_moneylending { domainlist blk_BL_finance_moneylending/domains urllist blk_BL_finance_moneylending/urls log block.log } # dest blk_BL_finance_other { domainlist blk_BL_finance_other/domains urllist blk_BL_finance_other/urls log block.log } # dest blk_BL_finance_realestate { domainlist blk_BL_finance_realestate/domains urllist blk_BL_finance_realestate/urls log block.log } # dest blk_BL_finance_trading { domainlist blk_BL_finance_trading/domains urllist blk_BL_finance_trading/urls log block.log } # dest blk_BL_fortunetelling { domainlist blk_BL_fortunetelling/domains urllist blk_BL_fortunetelling/urls log block.log } # dest blk_BL_forum { domainlist blk_BL_forum/domains urllist blk_BL_forum/urls log block.log } # dest blk_BL_gamble { domainlist blk_BL_gamble/domains urllist blk_BL_gamble/urls log block.log } # dest blk_BL_government { domainlist blk_BL_government/domains urllist blk_BL_government/urls log block.log } # dest blk_BL_hacking { domainlist blk_BL_hacking/domains urllist blk_BL_hacking/urls log block.log } # dest blk_BL_hobby_cooking { domainlist blk_BL_hobby_cooking/domains urllist blk_BL_hobby_cooking/urls log block.log } # dest blk_BL_hobby_games-misc { domainlist blk_BL_hobby_games-misc/domains urllist blk_BL_hobby_games-misc/urls log block.log } # dest blk_BL_hobby_games-online { domainlist blk_BL_hobby_games-online/domains urllist blk_BL_hobby_games-online/urls log block.log } # dest blk_BL_hobby_gardening { domainlist blk_BL_hobby_gardening/domains urllist blk_BL_hobby_gardening/urls log block.log } # dest blk_BL_hobby_pets { domainlist blk_BL_hobby_pets/domains urllist blk_BL_hobby_pets/urls log block.log } # dest blk_BL_homestyle { domainlist blk_BL_homestyle/domains urllist blk_BL_homestyle/urls log block.log } # dest blk_BL_hospitals { domainlist blk_BL_hospitals/domains urllist blk_BL_hospitals/urls log block.log } # dest blk_BL_imagehosting { domainlist blk_BL_imagehosting/domains urllist blk_BL_imagehosting/urls log block.log } # dest blk_BL_isp { domainlist blk_BL_isp/domains urllist blk_BL_isp/urls log block.log } # dest blk_BL_jobsearch { domainlist blk_BL_jobsearch/domains urllist blk_BL_jobsearch/urls log block.log } # dest blk_BL_library { domainlist blk_BL_library/domains urllist blk_BL_library/urls log block.log } # dest blk_BL_military { domainlist blk_BL_military/domains urllist blk_BL_military/urls log block.log } # dest blk_BL_models { domainlist blk_BL_models/domains urllist blk_BL_models/urls log block.log } # dest blk_BL_movies { domainlist blk_BL_movies/domains urllist blk_BL_movies/urls log block.log } # dest blk_BL_music { domainlist blk_BL_music/domains urllist blk_BL_music/urls log block.log } # dest blk_BL_news { domainlist blk_BL_news/domains urllist blk_BL_news/urls log block.log } # dest blk_BL_podcasts { domainlist blk_BL_podcasts/domains urllist blk_BL_podcasts/urls log block.log } # dest blk_BL_politics { domainlist blk_BL_politics/domains urllist blk_BL_politics/urls log block.log } # dest blk_BL_porn { domainlist blk_BL_porn/domains urllist blk_BL_porn/urls log block.log } # dest blk_BL_radiotv { domainlist blk_BL_radiotv/domains urllist blk_BL_radiotv/urls log block.log } # dest blk_BL_recreation_humor { domainlist blk_BL_recreation_humor/domains urllist blk_BL_recreation_humor/urls log block.log } # dest blk_BL_recreation_martialarts { domainlist blk_BL_recreation_martialarts/domains urllist blk_BL_recreation_martialarts/urls log block.log } # dest blk_BL_recreation_restaurants { domainlist blk_BL_recreation_restaurants/domains urllist blk_BL_recreation_restaurants/urls log block.log } # dest blk_BL_recreation_sports { domainlist blk_BL_recreation_sports/domains urllist blk_BL_recreation_sports/urls log block.log } # dest blk_BL_recreation_travel { domainlist blk_BL_recreation_travel/domains urllist blk_BL_recreation_travel/urls log block.log } # dest blk_BL_recreation_wellness { domainlist blk_BL_recreation_wellness/domains urllist blk_BL_recreation_wellness/urls log block.log } # dest blk_BL_redirector { domainlist blk_BL_redirector/domains urllist blk_BL_redirector/urls log block.log } # dest blk_BL_religion { domainlist blk_BL_religion/domains urllist blk_BL_religion/urls log block.log } # dest blk_BL_remotecontrol { domainlist blk_BL_remotecontrol/domains urllist blk_BL_remotecontrol/urls log block.log } # dest blk_BL_ringtones { domainlist blk_BL_ringtones/domains urllist blk_BL_ringtones/urls log block.log } # dest blk_BL_science_astronomy { domainlist blk_BL_science_astronomy/domains urllist blk_BL_science_astronomy/urls log block.log } # dest blk_BL_science_chemistry { domainlist blk_BL_science_chemistry/domains urllist blk_BL_science_chemistry/urls log block.log } # dest blk_BL_searchengines { domainlist blk_BL_searchengines/domains urllist blk_BL_searchengines/urls log block.log } # dest blk_BL_sex_education { domainlist blk_BL_sex_education/domains urllist blk_BL_sex_education/urls log block.log } # dest blk_BL_sex_lingerie { domainlist blk_BL_sex_lingerie/domains urllist blk_BL_sex_lingerie/urls log block.log } # dest blk_BL_shopping { domainlist blk_BL_shopping/domains urllist blk_BL_shopping/urls log block.log } # dest blk_BL_socialnet { domainlist blk_BL_socialnet/domains urllist blk_BL_socialnet/urls log block.log } # dest blk_BL_spyware { domainlist blk_BL_spyware/domains urllist blk_BL_spyware/urls log block.log } # dest blk_BL_tracker { domainlist blk_BL_tracker/domains urllist blk_BL_tracker/urls log block.log } # dest blk_BL_updatesites { domainlist blk_BL_updatesites/domains urllist blk_BL_updatesites/urls log block.log } # dest blk_BL_urlshortener { domainlist blk_BL_urlshortener/domains urllist blk_BL_urlshortener/urls log block.log } # dest blk_BL_violence { domainlist blk_BL_violence/domains urllist blk_BL_violence/urls log block.log } # dest blk_BL_warez { domainlist blk_BL_warez/domains urllist blk_BL_warez/urls log block.log } # dest blk_BL_weapons { domainlist blk_BL_weapons/domains urllist blk_BL_weapons/urls log block.log } # dest blk_BL_webmail { domainlist blk_BL_webmail/domains urllist blk_BL_webmail/urls log block.log } # dest blk_BL_webphone { domainlist blk_BL_webphone/domains urllist blk_BL_webphone/urls log block.log } # dest blk_BL_webradio { domainlist blk_BL_webradio/domains urllist blk_BL_webradio/urls log block.log } # dest blk_BL_webtv { domainlist blk_BL_webtv/domains urllist blk_BL_webtv/urls log block.log } # dest Liberados { domainlist Liberados/domains expressionlist Liberados/expressions log block.log } # dest Bloqueados { expressionlist Bloqueados/expressions redirect http://www.enderecodocliente.com log block.log } # rew safesearch { s@(google..*/search?.*q=.*)@ &safe=active@i s@(google..*/images.*q=.*)@ &safe=active@i s@(google..*/groups.*q=.*)@ &safe=active@i s@(google..*/news.*q=.*)@ &safe=active@i s@(yandex..*/yandsearch?.*text=.*)@ &fyandex=1@i s@(search.yahoo..*/search.*p=.*)@ &vm=r&v=1@i s@(search.live..*/.*q=.*)@ &adlt=strict@i s@(search.msn..*/.*q=.*)@ &adlt=strict@i s@(.bing..*/.*q=.*)@ &adlt=strict@i log block.log } # acl { # Acesso Diretoria Diretoria { pass all log block.log } # Funcionarios Funcionarios within Block_dia { pass blk_BL_finance_banking blk_BL_government blk_BL_searchengines !in-addr !Bloqueados !blk_BL_adv !blk_BL_aggressive !blk_BL_alcohol !blk_BL_anonvpn !blk_BL_automobile_bikes !blk_BL_automobile_boats !blk_BL_automobile_cars !blk_BL_automobile_planes !blk_BL_chat !blk_BL_costtraps !blk_BL_dating !blk_BL_downloads !blk_BL_drugs !blk_BL_dynamic !blk_BL_education_schools !blk_BL_finance_insurance !blk_BL_finance_moneylending !blk_BL_finance_other !blk_BL_finance_realestate !blk_BL_finance_trading !blk_BL_fortunetelling !blk_BL_forum !blk_BL_gamble !blk_BL_hacking !blk_BL_hobby_cooking !blk_BL_hobby_games-misc !blk_BL_hobby_games-online !blk_BL_hobby_gardening !blk_BL_hobby_pets !blk_BL_homestyle !blk_BL_hospitals !blk_BL_imagehosting !blk_BL_isp !blk_BL_jobsearch !blk_BL_library !blk_BL_military !blk_BL_models !blk_BL_movies !blk_BL_music !blk_BL_news !blk_BL_podcasts !blk_BL_politics !blk_BL_porn !blk_BL_radiotv !blk_BL_recreation_humor !blk_BL_recreation_martialarts !blk_BL_recreation_restaurants !blk_BL_recreation_sports !blk_BL_recreation_travel !blk_BL_recreation_wellness !blk_BL_redirector !blk_BL_religion !blk_BL_remotecontrol !blk_BL_ringtones !blk_BL_science_astronomy !blk_BL_science_chemistry !blk_BL_sex_education !blk_BL_sex_lingerie !blk_BL_shopping !blk_BL_socialnet !blk_BL_spyware !blk_BL_tracker !blk_BL_updatesites !blk_BL_urlshortener !blk_BL_violence !blk_BL_warez !blk_BL_weapons !blk_BL_webmail !blk_BL_webphone !blk_BL_webradio !blk_BL_webtv Liberados none redirect http://192.168.0.1:80/sgerror.php?url=403%20http%3A%2F%2Fwww.enderecodocliente.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u rewrite safesearch log block.log } else { pass !in-addr all redirect http://192.168.0.1:80/sgerror.php?url=403%20http%3A%2F%2Fwww.enderecodocliente.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u rewrite safesearch log block.log } # default { pass Liberados blk_BL_finance_banking blk_BL_government blk_BL_searchengines blk_BL_updatesites !Bloqueados !blk_BL_adv !blk_BL_aggressive !blk_BL_alcohol !blk_BL_anonvpn !blk_BL_automobile_bikes !blk_BL_automobile_boats !blk_BL_automobile_cars !blk_BL_automobile_planes !blk_BL_chat !blk_BL_costtraps !blk_BL_dating !blk_BL_downloads !blk_BL_drugs !blk_BL_dynamic !blk_BL_education_schools !blk_BL_finance_insurance !blk_BL_finance_moneylending !blk_BL_finance_other !blk_BL_finance_realestate !blk_BL_finance_trading !blk_BL_fortunetelling !blk_BL_forum !blk_BL_gamble !blk_BL_hacking !blk_BL_hobby_cooking !blk_BL_hobby_games-misc !blk_BL_hobby_games-online !blk_BL_hobby_gardening !blk_BL_hobby_pets !blk_BL_homestyle !blk_BL_hospitals !blk_BL_imagehosting !blk_BL_isp !blk_BL_jobsearch !blk_BL_library !blk_BL_military !blk_BL_models !blk_BL_movies !blk_BL_music !blk_BL_news !blk_BL_podcasts !blk_BL_politics !blk_BL_porn !blk_BL_radiotv !blk_BL_recreation_humor !blk_BL_recreation_martialarts !blk_BL_recreation_restaurants !blk_BL_recreation_sports !blk_BL_recreation_travel !blk_BL_recreation_wellness !blk_BL_redirector !blk_BL_religion !blk_BL_remotecontrol !blk_BL_ringtones !blk_BL_science_astronomy !blk_BL_science_chemistry !blk_BL_sex_education !blk_BL_sex_lingerie !blk_BL_shopping !blk_BL_socialnet !blk_BL_spyware !blk_BL_tracker !blk_BL_urlshortener !blk_BL_violence !blk_BL_warez !blk_BL_weapons !blk_BL_webmail !blk_BL_webphone !blk_BL_webradio !blk_BL_webtv none redirect http://www.enderecodocliente.com&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u rewrite safesearch log block.log } } ------------------------ As configurações de proxy que antes estavam setadas manualmente foram todas retiradas dos computadores. Alguém já passou por algo parecido? Agradeço qualquer ajuda. Fabio Fraga Machado Davila Soluções em Ti 48 9137-9700 / 48 9615-8638 48 3024-9702 www.davila.inf.br _______________________________________________ Pfsense-pt mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/pfsense-pt
