با سلام به همه

من میدونم این مطلب تکرار هست !! و انجمن رو هم حسابی زیر و رو کردم ولی جوابی نگرفتم !!!

من یک کش - پراکسی سرور لینوکس دارم که فعلا در حالت تست دارم با کاهاش کار میکنم ( با Vmware)
سرور من suse linux enterprise 10 هست که عضو دامین کردمش و اسکوئید رو که کانفیگ کردم که در پایان کانفیگ رو میزارم . کاربرانی رو هم در دامین تعریف کردم ولی نمیتونن به اینترنت وصل بشن !! هر چی نام کاربری و پسورد رو میزنم درست نمیشه !!!
این هم تصویری که باید نام کاربری با پسورد رو وارد کنیم :
http://i42.tinypic.com/11sftdz.jpg
اگر میشه کانفیگ رو ببینین و راهنمایی کنین :

cache_effective_user squid
cache_effective_group squid
dns_nameservers 192.168.186.5 217.218.127.104 192.9.9.3 4.2.2.4
#debug_options ALL,1 33,2 28,9
acl all src 0.0.0.0/0.0.0.0
icp_query_timeout 1000
high_memory_warning 500 MB
visible_hostname ProxyBR
#httpd_suppress_version_string on
cache_mem 8 MB
#cache_replacement_policy heap LFUDA
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_swap_low 90
cache_swap_high 95
maximum_object_size 131072 KB
########New test . Default is 8
maximum_object_size_in_memory 64 KB
minimum_object_size 1 KB
store_avg_object_size 20 KB
tcp_recv_bufsize 65535 bytes
ipcache_size 8192
fqdncache_size 8192
forwarded_for on
request_header_max_size 24 KB
negative_dns_ttl 1 minutes
positive_dns_ttl 1 hours
negative_dns_ttl 60 seconds
connect_timeout 60 seconds
request_timeout 60 seconds
pconn_timeout 30 seconds
high_page_fault_warning 10
high_response_time_warning 2000
client_persistent_connections off
server_persistent_connections on
half_closed_clients off
#If you need the high performace COSS storage scheme
#cache_dir coss /cache1/squid/coss 9216 max-size=131072 max-stripe-waste=16384 block-size=1024
#cache_dir coss /cache2/squid/coss 9216 max-size=131072 max-stripe-waste=16384 block-size=1024
#Diskd storage scehme
cache_dir diskd /squidcache 6144 16 256 Q1=72 Q2=64
#cache_dir diskd /cache2 6144 16 256 Q1=72 Q2=64
#Used for COSS only
#cache_swap_log /var/squid/%s
log_icp_queries off
cache_access_log /var/log/squid/access.log
emulate_httpd_log on
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
#auth_param ntlm keep_alive on
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm use_ntlm_negotiate off
auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param basic children 5
auth_param basic realm antilevels.ir
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
ftp_user admin@Domain.Net
cache_mgr squidadmin@Domain.Net
#No cache for the following sites
acl newssites dstdomain .cnn.com .bbcnews.com
no_cache deny newssites
refresh_pattern windowsupdate.com/.*\.(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern update.microsoft.com/.*\.(cab|exe) 4320 100% 43200 reload-into-ims
refresh_pattern download.microsoft.com/.*\.(cab|exe) 4320 100% 43200 reload-into-ims
#Try to cache some google Earth stuff
acl QUERY urlpath_regex cgi-bin \? intranet
acl forcecache url_regex -i kh.google keyhole.com
no_cache allow forcecache
no_cache deny QUERY
#Don.t cache dynamic content
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
refresh_pattern -i kh.google 1440 20% 10080 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern -i keyhole.com 1440 20% 10080 override-expire override-lastmod reload-into-ims ignore-reload
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 0 KB
quick_abort_max 0 KB
#quick_abort_pct 99
negative_dns_ttl 2 minutes
#acl mynetwork src 192.168.186.0/24
acl nimda urlpath_regex .*/winnt/system32/cmd.exe.* .*/MSADC/root.exe..c.dir$ .*/scripts/root.exe..c.dir$
acl Newvirus urlpath_regex .*/Cgi-bin/!Vip.exe.* .*/LE/isapitest.dll.*
acl BadURL urlpath_regex -i cmd.exe
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563 2082 2083 2086 2087 2093 2095 2096
acl Safe_ports port 80 21 443 563 70 210 8000 11999 2082 2083 2086 2087 2095 2096 8082 8090 3000
acl CONNECT method CONNECT
acl worm dst 63.251.5.47 65.74.168.210
acl worm1 dstdomain kyamzaa.virtualave.net/com.exe
acl worm2 dstdomain kyamazza.virtualave.net/dos.exe
acl VIRUS urlpath_regex winnt/system32/cmd.exe?
acl VIRUS urlpath_regex ^/osa..gif
acl VIRUS urlpath_regex ^/./fils.php
acl VIRUS urlpath_regex ^/./999.jpg
acl VIRUS urlpath_regex ^/w.php
acl YAHOOATTACK urlpath_regex akamai.*yahoo.*config/login
acl INADDR_ANY dst 0.0.0.0/32
acl IpAddrProbeUA browser ^Mozilla/4.0.\(compatible;.MSIE.5.5;.Windows.98\)$
acl IpAddrProbeURL url_regex //[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/$
acl codered url_regex \/default\.ida$
http_access deny codered
acl gator_url url_regex \.gator.com
acl gator_domain_start dstdomain gator.com
http_access deny gator_url
http_access deny gator_domain_start
acl brazvir url_regex http://www.instituto.com.br/attackDoS.php
http_access deny brazvir
acl worm_url url_regex ^http://www.tradeexit.com/link1.html$
acl worm_url url_regex ^http://www.tradeexit.com/link2.html$
acl worm_url url_regex ^http://www.revistaprofashional.com.br/put?
acl worm_url url_regex ^putassp.com?
http_access deny worm_url
#Block uncessary microsoft updates
acl microsoft_url_1 urlpath_regex msdownload/update/v3-19990518/cabpool
http_access deny microsoft_url_1
###################
##virus
acl mblock url_regex -i musicindiaonline.com
acl dangurl urlpath_regex -i \.id[aq]\?.{100,} # CodeRED
acl dangurl urlpath_regex -i /readme\.(eml|nws|exe) # NIMDA
#Remove transparent if you don.t want Squid to run transparently
http_port 192.168.186.10:3128
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny BadURL
http_access deny nimda
http_access deny Newvirus
deny_info TCP_RESET worm
http_access deny worm
http_access deny worm1
http_access deny worm2
http_access deny Codered
#http_access allow mynetwork
http_access deny IpAddrProbeUA IpAddrProbeURL
deny_info TCP_RESET IpAddrProbeURL
acl OriginsThatComplainOfAbuse dstdomain .fencing101.com
http_access deny OriginsThatComplainOfAbuse
deny_info TCP_RESET OriginsThatComplainOfAbuse
acl soedirman dstdomain soedirman.gudangupload.com
http_access deny soedirman
http_access deny VIRUS
http_access deny YAHOOATTACK
http_access deny INADDR_ANY
acl PURGE method PURGE
http_access allow PURGE localhost
http_access deny PURGE
deny_info TCP_RESET all
http_access deny all
snmp_port 3001
acl queryme snmp_community SquidSnmpSecret
#acl adminpc src 192.168.0.34/255.255.255.255
#acl researchpc src 192.168.0.70/255.255.255.255
#acl squidadminpc src 192.168.0.221/255.255.255.255
#acl mgmtpc src 192.168.0.221/255.255.255.255
snmp_access allow queryme localhost
#snmp_access allow queryme adminpc
#snmp_access allow queryme researchpc
#snmp_access allow queryme squidadminpc
#snmp_access allow queryme mgmtpc
snmp_access deny all
#icp_access allow mynetwork
icp_access deny all
miss_access allow all
#append_domain .example.com
#Always direct allow to yahoo.com and hotmail.com
acl yahoo dstdomain login.yahoo.com
acl yahoo dstdomain mail.yahoo.com
acl hotmail dstdomain hotmail.com
always_direct allow yahoo
always_direct allow hotmail
ie_refresh on
######## End of squid.conf ###############




بای



موضوعات مشابه: