- 论坛徽章:
- 0
|
10可用积分
在freebsd下设置了squid采用透明代理进行上网,但不知道哪里不对始终实现不了
配置如下:
rl0外网网卡,配置有多个IP地址:10.216.1.1 , 10.216.1.2 , 10.216.1.3
rl1内网网卡:10.1.1.254
pppoe拨号地址:10.0.0.0/24 , 10.0.1.0/24 ,10.0.2.0/24
环境:freebsd 6.2+ squid 2.6 + ipnat + pppoe
ipnat.rules配置:
rdr rl1 0.0.0.0/0 port 80 -> 127.0.0.1 port 8080
map rl0 10.0.0.0/24 -> 10.216.1.1 portmap tcp/udp 10000:65000
map rl0 10.0.1.0/24 -> 10.216.1.2 portmap tcp/udp 10000:65000
map rl0 10.0.2.0/24 -> 10.216.1.3 portmap tcp/udp 10000:65000
squid.conf配置:
http_port 127.0.0.1:8080 transparent
visible_hostname one
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache_mem 64 MB
cache_dir ufs /usr/local/squid/cache 128 16 128
hosts_file /etc/hosts
read_timeout 1 minutes
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
access_log /usr/local/squid/logs/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl PPPoE_users src 10.0.0.0/22
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 1025-65535 # unregistered ports
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow PPPoE_users
http_reply_access allow PPPoE_users
http_access allow localhost
http_reply_access allow localhost
http_access allow to_localhost
http_reply_access allow to_localhost
http_access allow all
http_reply_access allow all
icp_access allow all
coredump_dir /usr/local/squid/cache
#always_direct allow all
never_direct allow all
采用以上配置时,squid 没有起作用,客户端可以直接上网
cache.log内容:
2008/07/02 11:21:07| Accepting transparently proxied HTTP connections at 127.0.0.1, port 8080, FD 12.
2008/07/02 11:21:07| Accepting ICP messages at 0.0.0.0, port 3130, FD 13.
2008/07/02 11:21:07| WCCP Disabled.
2008/07/02 11:21:07| Ready to serve requests.
2008/07/02 11:21:08| Done reading /usr/local/squid/cache swaplog (0 entries)
2008/07/02 11:21:08| Finished rebuilding storage from disk.
2008/07/02 11:21:08| 0 Entries scanned
2008/07/02 11:21:08| 0 Invalid entries.
2008/07/02 11:21:08| 0 With invalid flags.
2008/07/02 11:21:08| 0 Objects loaded.
2008/07/02 11:21:08| 0 Objects expired.
2008/07/02 11:21:08| 0 Objects cancelled.
2008/07/02 11:21:08| 0 Duplicate URLs purged.
2008/07/02 11:21:08| 0 Swapfile clashes avoided.
2008/07/02 11:21:08| Took 0.5 seconds ( 0.0 objects/sec).
2008/07/02 11:21:08| Beginning Validation Procedure
2008/07/02 11:21:08| Completed Validation Procedure
2008/07/02 11:21:08| Validated 0 Entries
2008/07/02 11:21:08| store_swap_size = 0k
2008/07/02 11:21:08| storeLateRelease: released 0 objects
access.log没有任务内容
请大家帮忙看一下,到底是哪里出的问题 |
最佳答案
查看完整内容
make install clean的时候选择ipflter模块了没?[ ] SQUID_PF Enable transparent proxying with PF │ │[ ] SQUID_IPFILTER Enable transp. proxying with IPFilter │ │
|