Ola lista O meu squid esta configurado como proxy transparente.Ao acessar o access.log eu notei que o mesmo nao esta gerando o ip corretamente. Todas as maquinas sao mostradadas com o ip 192.168.0.0, ou seja, nao consigo identificar quais sites as maquinas realmente estao acessando. Alguem pode me dar umas dicas ?? O problema esta' no squid ou no meu iptables ??
Agradeco desde ja Reinaldo F. Dias (Slackware 10/P2 233/64 de ram/hd de 4Gb) ## access.log 1104440983.705 715 192.168.0.0 TCP_MISS/206 9955 GET http://trickle.gator.com/download/7031.gsz - DIRECT/64.157.165.204 text/plain 1104440985.141 750 192.168.0.0 TCP_MISS/206 9738 GET http://trickle.gator.com/download/7031.gsz - DIRECT/64.157.165.204 text/plain 1104440986.482 701 192.168.0.0 TCP_MISS/206 9804 GET http://trickle.gator.com/download/7031.gsz - DIRECT/64.157.165.204 text/plain 1104440987.034 2 192.168.0.0 TCP_DENIED/403 287 HEAD http://toolbar.msn.com/static/msnapps/globalmanifest.cab - NONE/- text/html ##Squid.conf hierarchy_stoplist cgi-bin ? cache_mem 32 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 5120 KB client_netmask 255.255.255.0 cache_dir ufs /usr/local/squid/var/cache 2000 16 256 cache_access_log /usr/local/squid/var/logs/access.log ftp_user Squid@ # ACLS acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl palavras url_regex "/root/proxy/palavras" http_access deny palavras all http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow all icp_access allow all acl NOCACHE url_regex "/root/proxy/direto.txt" \? no_cache deny NOCACHE visible_hostname Taiseigw.taisei httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on [EMAIL PROTECTED]:~/proxy# ## Iptables modprobe iptable_nat modprobe ip_conntrack modprobe ip_conntrack_ftp modprobe ip_nat_ftp modprobe ipt_LOG #modprobe ipt_MASQUERADE modprobe ipt_REJECT iptables -t nat -A PREROUTING -p tcp -m multiport -s 192.168.0.0/24 --dport 80,443 -j REDIRECT --to-ports 3128 iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward iptables -A INPUT -i eth0 -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m state --state ESTABLISHED,RELATED,NEW -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED,NEW -j ACCEPT _______________________________________________________ Yahoo! Acesso Gr�tis - Instale o discador do Yahoo! agora. http://br.acesso.yahoo.com/ - Internet r�pida e gr�tis -- GUS-BR - Grupo de Usuarios Slackware - BR http://www.slackwarebrasil.org/ http://www.linuxmag.com.br/mailman/listinfo/slack-users
