Responder 
 
Avaliação do Tópico:
  • 0 Votos - 0 Média
  • 1
  • 2
  • 3
  • 4
  • 5
Squid e Yahoo
21/02/2013, 10:02
Resposta: #1
Squid e Yahoo
Amigos, tenho um servidor Debian rodando o Squid, porem o mesmo esta impedindo o Yahoo de abrir corretamente, alguns usuários com permissão de acesso não acessam o email do Yahho, e o site demora muito a abrir e quando abre esta todo desconfigurado.

O aceso pelo Squid é simples, tem uma faixa de IP com acesso irrestrito, os demais tem uma lista de sites permitidos, mas mesmo a faixa de IP com acesso irrestrito tem problemas com o Yahho, segue o squid.conf:

http_port 3128 transparent
visible_hostname Servidor-UPA-Debian-Linux

cache_mem 32 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 1024 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 2048 16 256
cache_access_log /var/log/squid/access.log
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280

acl all src 0.0.0.0/0.0.0.0
#acl redelocal src 192.168.2.0/24

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

#http_access allow redelocal


acl permitidos src 192.168.2.1-192.168.2.6
acl sites dstdomain "/etc/squid/permitidos"

http_access allow permitidos
http_access allow sites

http_access deny all
Encontrar todas as respostas deste usuário
Citar esta mensagem em uma resposta
21/02/2013, 23:33
Resposta: #2
RE: Squid e Yahoo
Rodolfo,

Analise os logs do Squid, eles podem fornecer informações sobre o problema.
Encontrar todas as respostas deste usuário
Citar esta mensagem em uma resposta
22/02/2013, 12:43 (Resposta editada pela última vez em: 22/02/2013 13:11 por Rodolfo.)
Resposta: #3
RE: Squid e Yahoo
Caro spikey, já verifiquei o access.log, executei tail -f /var/log/squid/access.log | grep 192.168.2.1 | grep -i TCP_DENIED mas não retornou nada, alem do Yahoo o portal R7 também da problema.
Vi na internet pessoas com o mesmo problema,

http://www.vivaolinux.com.br/topico/Squi...lema-yahoo

inclusive com sugestão de liberar, no caso do Yahoo, o dominio yimg.com, mas se for esse o caso,como fazer, porque o Yahoo é para ser liberado somente para os usuários na faixa de IP liberado, os demais não, então tem jeito de liberar por uma acl dentro do squid.conf este dominio somente para a faixa de IP liberado?

Em geral, o que pode fazer o squid bloquear ou desconfigurar um site que a principio não esta bloqueado?

Encontrei estas linhas no access.log

1361548260.221 6 192.168.2.2 TCP_HIT/200 20892 GET http://l.yimg.com/zz/combo? - NONE/- application/x-javascript
1361548260.285 0 192.168.2.2 TCP_HIT/200 2587 GET http://l.yimg.com/a/i/ww/met/sprite_vide...01_ltr.png - NONE/- image/png

1361549270.045 145210 192.168.2.2 TCP_MISS/504 1712 GET http://l.yimg.com/dh/ap/default/130222/g...ai_120.jpg - DIRECT/l.yimg.com text/html
1361549270.045 145219 192.168.2.2 TCP_MISS/504 1734 GET http://l.yimg.com/dh/ap/default/130222/c...ia_120.jpg - DIRECT/l.yimg.com text/html
1361549270.045 145387 192.168.2.2 TCP_MISS/504 1722 GET http://l.yimg.com/cv/ae/uk/audience/1302...di0b7u.jpg - DIRECT/l.yimg.com text/html
1361549270.045 145397 192.168.2.2 TCP_MISS/504 1722 GET http://l.yimg.com/cv/ae/br/audience/1302...kf09ci.jpg - DIRECT/l.yimg.com text/html
1361549270.045 145429 192.168.2.2 TCP_MISS/504 1716 GET http://l.yimg.com/dh/ap/default/130222/L...HOLA03.jpg - DIRECT/l.yimg.com text/html
1361549270.045 145562 192.168.2.2 TCP_MISS/504 1654 GET http://l.yimg.com/zz/combo? - DIRECT/l.yimg.com text/html
1361549270.097 0 192.168.2.2 TCP_MISS/504 1708 GET http://l.yimg.com/dh/ap/default/130222/michael_120.jpg - DIRECT/l.yimg.com text/html
1361549270.100 0 192.168.2.2 TCP_MISS/504 1706 GET http://l.yimg.com/dh/ap/default/130222/gisele_120.jpg - DIRECT/l.yimg.com text/html
1361549270.102 0 192.168.2.2 TCP_MISS/504 1724 GET http://l.yimg.com/dh/ap/default/130222/h..._getty.jpg - DIRECT/l.yimg.com text/html
1361549270.103 0 192.168.2.2 TCP_MISS/504 1730 GET http://l.yimg.com/dh/ap/default/130222/s..._miolo.jpg - DIRECT/l.yimg.com text/html
1361549270.104 0 192.168.2.2 TCP_HIT/200 2904 GET http://l1.yimg.com/a/i/ww/met/th/slate/g...110124.png - NONE/- image/png
1361549270.108 0 192.168.2.2 TCP_MISS/504 1702 GET http://l.yimg.com/dh/ap/default/121214/euro-120.jpg - DIRECT/l.yimg.com text/html
1361549270.120 29 192.168.2.2 TCP_HIT/200 20892 GET http://l.yimg.com/zz/combo? - NONE/- application/x-javascript
1361549270.124 0 192.168.2.2 TCP_MISS/504 1724 GET http://l.yimg.com/dh/ap/default/121017/d...nta_01.jpg - DIRECT/l.yimg.com text/html
1361549270.128 0 192.168.2.2 TCP_MISS/504 1714 GET http://l.yimg.com/dh/ap/default/130220/s...porter.jpg - DIRECT/l.yimg.com text/html
1361549270.129 0 192.168.2.2 TCP_HIT/200 2587 GET http://l.yimg.com/a/i/ww/met/sprite_vide...01_ltr.png - NONE/- image/png
1361549270.129 0 192.168.2.2 TCP_MISS/504 1710 GET http://l.yimg.com/dh/ap/default/130219/footer_regis.jpg - DIRECT/l.yimg.com text/html
1361549270.132 0 192.168.2.2 TCP_MISS/504 1722 GET http://l.yimg.com/dh/ap/default/130220/f...tafogo.jpg - DIRECT/l.yimg.com text/html
1361549270.144 0 192.168.2.2 TCP_HIT/200 5559 GET http://l.yimg.com/dh/ap/default/120910/y...ogo_br.png - NONE/- image/png
1361549270.163 0 192.168.2.2 TCP_HIT/200 3838 GET http://l1.yimg.com/a/i/ww/met/th/slate/t...111025.png - NONE/- image/png
1361549270.167 0 192.168.2.2 TCP_HIT/200 1530 GET http://l1.yimg.com/a/i/ww/met/th/slate/s...28_ltr.png - NONE/- image/png
1361549270.507 0 192.168.2.2 TCP_MISS/504 1722 GET http://l.yimg.com/cv/ae/br/audience/1302...kf09ci.jpg - DIRECT/l.yimg.com text/html
1361549270.508 0 192.168.2.2 TCP_MISS/504 1716 GET http://l.yimg.com/dh/ap/default/130222/L...HOLA03.jpg - DIRECT/l.yimg.com text/html
1361549270.509 0 192.168.2.2 TCP_MISS/504 1722 GET http://l.yimg.com/cv/ae/uk/audience/1302...di0b7u.jpg - DIRECT/l.yimg.com text/html
1361549270.540 0 192.168.2.2 TCP_HIT/200 7429 GET http://l.yimg.com/dh/ap/default/121008/s...08_ltr.png - NONE/- image/png
1361549270.540 0 192.168.2.2 TCP_HIT/200 2373 GET http://l1.yimg.com/a/i/ww/met/gsprite_20100302.png - NONE/- image/png
1361549270.542 2 192.168.2.2 TCP_HIT/200 10763 GET http://l1.yimg.com/a/i/ww/met/th/slate/s...20_ltr.png - NONE/- image/png
1361549270.546 0 192.168.2.2 TCP_HIT/200 1986 GET http://l1.yimg.com/a/i/ww/met/anim_loadi...082208.gif - NONE/- image/gif
1361549270.627 0 192.168.2.2 TCP_MISS/504 1734 GET http://l.yimg.com/dh/ap/default/130222/c...ia_120.jpg - DIRECT/l.yimg.com text/html
1361549270.633 0 192.168.2.2 TCP_MISS/504 1712 GET http://l.yimg.com/dh/ap/default/130222/g...ai_120.jpg - DIRECT/l.yimg.com text/html
1361549270.635 0 192.168.2.2 TCP_MISS/504 1708 GET http://l.yimg.com/dh/ap/default/130222/michael_120.jpg - DIRECT/l.yimg.com text/html
1361549270.638 0 192.168.2.2 TCP_MISS/504 1706 GET http://l.yimg.com/dh/ap/default/130222/gisele_120.jpg - DIRECT/l.yimg.com text/html
1361549270.640 0 192.168.2.2 TCP_MISS/504 1724 GET http://l.yimg.com/dh/ap/default/130222/h..._getty.jpg - DIRECT/l.yimg.com text/html
1361549270.644 0 192.168.2.2 TCP_MISS/504 1730 GET http://l.yimg.com/dh/ap/default/130222/s..._miolo.jpg - DIRECT/l.yimg.com text/html
1361549270.651 0 192.168.2.2 TCP_MISS/504 1702 GET http://l.yimg.com/dh/ap/default/121214/euro-120.jpg - DIRECT/l.yimg.com text/html
1361549270.655 0 192.168.2.2 TCP_MISS/504 1724 GET http://l.yimg.com/dh/ap/default/121017/d...nta_01.jpg - DIRECT/l.yimg.com text/html
1361549270.673 0 192.168.2.2 TCP_MISS/504 1714 GET http://l.yimg.com/dh/ap/default/130220/s...porter.jpg - DIRECT/l.yimg.com text/html
1361549270.676 0 192.168.2.2 TCP_MISS/504 1710 GET http://l.yimg.com/dh/ap/default/130219/footer_regis.jpg - DIRECT/l.yimg.com text/html
1361549270.678 0 192.168.2.2 TCP_MISS/504 1722 GET http://l.yimg.com/dh/ap/default/130220/f...tafogo.jpg - DIRECT/l.yimg.com text/html
1361549270.690 0 192.168.2.2 TCP_HIT/200 1503 GET http://l.yimg.com/a/i/ww/met/mod/ybang_22_111908.png - NONE/- image/png
1361549270.692 0 192.168.2.2 TCP_HIT/200 1465 GET http://l.yimg.com/d/lib/3pm/cs_0.2.js - NONE/- application/javascript
1361549270.693 0 192.168.2.2 TCP_HIT/200 1521 GET http://l.yimg.com/d/lib/bc/bcr_2.0.5.js - NONE/- application/javascript
1361549270.725 100 192.168.2.2 TCP_MISS/200 10503 GET http://ads.yimg.com/qq/a/br/adtech/brade...400x35.swf - DIRECT/200.152.174.73 application/x-shockwave-flash
1361549270.772 80 192.168.2.2 TCP_HIT/200 138360 GET http://l.yimg.com/zz/combo? - NONE/- application/x-javascript
1361549270.826 139 192.168.2.2 TCP_MISS/200 8668 GET http://ads.yldmgrimg.net/apex/mediastore...1ed96bca83 - DIRECT/201.48.154.9 application/x-shockwave-flash
1361549270.835 172 192.168.2.2 TCP_MISS/200 17486 GET http://ads.yldmgrimg.net/apex/mediastore...3ab7a079c2 - DIRECT/201.48.154.24 image/jpeg
1361549270.871 76 192.168.2.2 TCP_MISS/302 797 GET http://b.scorecardresearch.com/p? - DIRECT/201.48.154.26 -
1361549270.961 324 192.168.2.2 TCP_MISS/200 684 GET http://mi.adinterax.com/customer/yahoo_l...0x275.png? - DIRECT/4.23.35.253 image/png
1361549271.001 20 192.168.2.2 TCP_MISS/200 474 GET http://b.scorecardresearch.com/p2? - DIRECT/201.48.154.26 image/gif
1361549271.031 276 192.168.2.2 TCP_MISS/200 345 POST http://ui.ff.avast.com/urlinfo - DIRECT/77.234.42.83 application/octet-stream
1361549271.063 436 192.168.2.2 TCP_MISS/404 3179 GET http://br.yahoo.com/width= - DIRECT/200.152.175.146 text/html
1361549271.066 431 192.168.2.2 TCP_MISS/200 783 GET http://tr.adinterax.com/re/yahoo_latam%2...Cti/ti.gif - DIRECT/98.139.200.238 image/gif
1361549271.070 414 192.168.2.2 TCP_MISS/302 927 GET http://ia.nspmotion.com/tracking/? - DIRECT/65.99.198.181 text/html
1361549271.199 97 192.168.2.2 TCP_REFRESH_HIT/200 507 GET http://akfs.nspmotion.com/files/1_1.gif - DIRECT/201.48.154.17 image/gif
1361549271.230 389 192.168.2.2 TCP_MISS/200 581 GET http://csc.beap.bc.yahoo.com/yi? - DIRECT/98.139.50.175 image/gif
1361549271.282 597 192.168.2.2 TCP_MISS/200 29820 GET http://mi.adinterax.com/customer/yahoo_l..._BR.ns.js? - DIRECT/4.23.35.253 application/x-javascript
1361549271.304 472 192.168.2.2 TCP_MISS/200 549 GET http://row.bc.yahoo.com/b? - DIRECT/98.138.4.127 image/gif
1361549271.471 154 192.168.2.2 TCP_MISS/200 5208 GET http://mi.adinterax.com/customer/yahoo_l...D_BR_.jpg? - DIRECT/4.23.35.253 image/jpeg
1361549271.499 424 192.168.2.2 TCP_MISS/200 576 GET http://tr.adinterax.com/tr/yahoo_latam%2...0/co/b.gif - DIRECT/98.139.200.238 image/gif
1361549271.652 278 192.168.2.2 TCP_MISS/200 345 POST http://ui.ff.avast.com/urlinfo - DIRECT/77.234.42.84 application/octet-stream
1361549271.678 300 192.168.2.2 TCP_MISS/200 15621 GET http://mi.adinterax.com/customer/yahoo_l...0x250.swf? - DIRECT/4.23.35.253 application/x-shockwave-flash
1361549271.692 64 192.168.2.2 TCP_MISS/200 20192 GET http://mi.adinterax.com/customer/yahoo_l...0x250.swf? - DIRECT/4.23.35.253 application/x-shockwave-flash
1361549271.867 159 192.168.2.2 TCP_MISS/200 10784 GET http://mi.adinterax.com/customer/yahoo_l...0x600.swf? - DIRECT/4.23.35.253 application/x-shockwave-flash
1361549271.867 486 192.168.2.2 TCP_MISS/200 10786 GET http://mi.adinterax.com/customer/yahoo_l...0x600.swf? - DIRECT/4.23.35.253 application/x-shockwave-flash
1361549271.888 157 192.168.2.2 TCP_MISS/200 10710 GET http://mi.adinterax.com/customer/yahoo_l...0x600.swf? - DIRECT/4.23.35.253 application/x-shockwave-flash
1361549271.888 506 192.168.2.2 TCP_MISS/200 10712 GET http://mi.adinterax.com/customer/yahoo_l...0x600.swf? - DIRECT/4.23.35.253 application/x-shockwave-flash
1361549271.916 278 192.168.2.2 TCP_MISS/200 3863 GET http://mi.adinterax.com/customer/yahoo_l...intel.jpg? - DIRECT/4.23.35.253 image/jpeg
1361549272.006 521 192.168.2.2 TCP_MISS/200 576 GET http://tr.adinterax.com/tr/yahoo_latam%2...ai.0/b.gif - DIRECT/98.139.200.238 image/gif
1361549272.301 670 192.168.2.2 TCP_MISS/200 114360 GET http://mi.adinterax.com/customer/yahoo_l...0x1024.jpg - DIRECT/4.23.35.253 image/jpeg
1361549272.334 0 192.168.2.2 TCP_HIT/200 2452 GET http://l.yimg.com/zz/combo? - NONE/- text/css
1361549272.336 0 192.168.2.2 TCP_HIT/200 3760 GET http://l.yimg.com/zz/combo? - NONE/- application/x-javascript
1361549272.597 257 192.168.2.2 TCP_MISS/200 1050 GET http://br.yahoo.com/favicon.ico - DIRECT/200.152.175.146 image/x-icon
1361549272.789 461 192.168.2.2 TCP_MISS/200 345 POST http://ui.ff.avast.com/urlinfo - DIRECT/77.234.43.82 application/octet-stream
1361549272.979 645 192.168.2.2 TCP_MISS/204 480 GET http://br.yahoo.com/p.gif;_ylp=A86.JoWLl...BjxaU7q5_? - DIRECT/200.152.175.146 text/plain
1361549283.676 417 192.168.2.2 TCP_MISS/302 853 GET http://ia.nspmotion.com/tracking/? - DIRECT/65.99.198.181 text/html
1361549283.882 621 192.168.2.2 TCP_MISS/404 3179 GET http://br.yahoo.com/PIXEL - DIRECT/200.152.175.146 text/html
1361549296.433 88 192.168.2.2 TCP_MISS/200 13634 GET http://l1.yimg.com/dh/ap/default/130221/...ne_392.jpg - DIRECT/200.152.174.74 image/jpeg
1361549306.395 47 192.168.2.2 TCP_MISS/200 7370 GET http://l1.yimg.com/dh/ap/default/130222/...guesec.jpg - DIRECT/200.152.174.74 image/jpeg
Encontrar todas as respostas deste usuário
Citar esta mensagem em uma resposta
26/02/2013, 00:35
Resposta: #4
RE: Squid e Yahoo
Olá,

Tente fazer desta forma:

Código:
acl sites_bloqueados url_regex -i "/etc/squid/sites_bloqueados"

No caso do meu exemplo é somente com sites bloqueados. Mas com o inverso também funciona, basta adicionar em seguida .yahoo.com.br.
Encontrar todas as respostas deste usuário
Citar esta mensagem em uma resposta
Responder 


Ir ao Fórum:


Usuários visualizando este tópico: 1 Visitantes

Entre em Contato | Fórum Debian | Voltar ao Topo | Voltar ao Conteúdo | Modo Leve (Arquivo) | Feeds RSS