salam
man ye moshgeli daram
man nemitoonam squid ro run konam dar ghesmat e vi /proc/sys/net/ipv4/ip_forward
dar in ghesmat 0 va dasti ham ke 1 mizaram va sys ro reboot mikanam baz 0 mishe va squid ham run nemishe
manoo lotfan rahnamii konid mamnon.
Printable View
salam
man ye moshgeli daram
man nemitoonam squid ro run konam dar ghesmat e vi /proc/sys/net/ipv4/ip_forward
dar in ghesmat 0 va dasti ham ke 1 mizaram va sys ro reboot mikanam baz 0 mishe va squid ham run nemishe
manoo lotfan rahnamii konid mamnon.
دوست عزیز
قبل از هر چیزی خواهشمندم با توجه به قوانین انجمن ; سوال رو یا به صورت فارسی و یا به صورت انگلیسی مطرح بفرما و از تایپ به صورت فینگلیش خودداری کن...
این خط رو به /etc/rc.d/rc.local اضافه کن و سیستم رو ریستارت کن امیدوارم مشکلت حل بشه:
[CODE]echo "1" > /proc/sys/net/ipv4/ip_forward[/CODE]
سلام
آقا سامان
[left]echo "1" > /proc/sys/net/ipv4/ip_forward در rc.local هست .مشكل من هم دقيقا همينه
اگه ميشه بيشتر راهنمايي كنيد.ممنون [/left]
سلام دوست عزیز:
تا اونجایی که من برداشت کردم ...شما دو تا مشکل دارید:
یکی اینکه نمی تونید روتینگ رو روی سیستم فعال کنید ...و اون یکی مشکل با راه اندازی سرویس اسکویید..
درسته؟
لطف کنید فهرست وار کارهایی که تا الان انجام دادید بفرمایید تا با دید بهتری مشکل بررسی بشه..
[size=2]آقا كل كانفيگ
[right]http_port 3128[/right]
cache_mem 512 M
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]dead_peer_timeout 30 seconds
hierarchy_stoplist cgi-bin[/size][font=Courier New (Arabic)][size=2] ?
[/right]
[/size][/font][size=2][right]acl QUERY urlpath_regex cgi-bin[/size][font=Courier New (Arabic)][size=2] \?
[/right]
[/size][/font][size=2][right]no_cache deny QUERY
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]maximum_object_size 32000 KB
maximum_object_size_in_memory 64 KB
minimum_object_size 0 KB
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_replacement_policy heap LFUDA
memory_replacement_policy heap LRU
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_dir aufs /cache 30000 16 256
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_access_log /var/log/squid/access.log
cache_store_log none
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]pid_filename /var/run/squid.pid
refresh_pattern [url="http://*.windowsupdate.microsoft.com/"]http://*.windowsupdate.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://office.microsoft.com/"]http://office.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://windowsupdate.microsoft.com/"]http://windowsupdate.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://wxpsp2.microsoft.com/"]http://wxpsp2.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://xpsp1.microsoft.com/"]http://xpsp1.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://w2ksp4.microsoft.com/"]http://w2ksp4.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://download.microsoft.com/"]http://download.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://download.macromedia.com/"]http://download.macromedia.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="ftp://ftp.nai.com/"]ftp://ftp.nai.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://ftp.software.ibm.com/"]http://ftp.software.ibm.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]acl all src 0.0.0.0/0.0.0.0
acl localnet src 192.168.0.0/255.255.255.0
acl localip src x.x.x.x/255.255.255.255
acl users src x.x.x.x/255.255.255.x
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]acl x src 62.60.198.0/255.255.255.0[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]acl xlocal src 192.168.250.0/255.255.255.0[/font]
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl ssl_ports port 873
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmto
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl purge method PURGE
acl CONNECT method CONNECT
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]http_access allow manager localhost
http_access deny localip
http_access allow localnet
http_access allow users
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]http_access deny mori[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]http_access deny morilocal[/font]
http_access deny manager
http_access deny !Safe_ports
http_access allow purge localhost
http_access deny CONNECT !SSL_ports
http_access deny purge
http_access deny to_localhost
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]http_access allow localhost
http_access deny all
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]http_reply_access allow all
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_effective_user squid
cache_effective_group squid
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]half_closed_clients on
cache_swap_high 100%
cache_swap_low 80%
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]visible_hostname localhost[/size][font=Courier New (Arabic)][size=2]
[/right]
[/size][/font][size=2][right]cache_mgr [/size][size=2]
[/right]
[right]httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]quick_abort_min 32 KB
quick_abort_max 32 KB
quick_abort_pct 95
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]negative_ttl 3 minutes
positive_dns_ttl 6 hours
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]pipeline_prefetch on
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]acl Media urlpath_regex -i \.arj?$ \.au?$ \.asf?$ \.aif?$ \.avi?$ \.bz2?$ \.bin?$ \.cab?$ \.exe?$ \.iso?$ \.msi?$ \.mp3?$ \.mpg?$ \.mpe?$ \.mpeg?$ \.mp2?$ \.mov?$ \.qt?$ \.raw?$ \.ram?$ \.ra?$ \.rar?$ \.rm?$ \.rpm?$ \.tar?$ \.tar.gz?$ \.tgz?$ \.wmv?$ \.wma?$ \.wav?$ \.zip?$ \.mmf?$ \.sis?$ \.midi?$ \.3gp?$ \.psf[/size][font=Courier New (Arabic)][size=2]?$
[/right]
[/size][/font][size=2][right]delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 10000/3000000 5000/50000000 3000/10000000 1000/15000000
delay_access 1 allow Media
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]acl snmpkey snmp_community qazxsw[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]snmp_port 3401[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]snmp_access allow snmpkey localhost[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]snmp_access deny all[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right][font=Times New Roman][/font]
[/right]
[/size][/font][size=2][right]http_port 3128
cache_mem 512 MB
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]dead_peer_timeout 30 seconds
hierarchy_stoplist cgi-bin[/size][font=Courier New (Arabic)][size=2] ?
[/right]
[/size][/font][size=2][right]acl QUERY urlpath_regex cgi-bin[/size][font=Courier New (Arabic)][size=2] \?
[/right]
[/size][/font][size=2][right]no_cache deny QUERY
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]maximum_object_size 32000 KB
maximum_object_size_in_memory 64 KB
minimum_object_size 0 KB
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_replacement_policy heap LFUDA
memory_replacement_policy heap LRU
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_dir aufs /cache 30000 16 256
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_access_log /var/log/squid/access.log
cache_store_log none
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]pid_filename /var/run/squid.pid
refresh_pattern [url="http://*.windowsupdate.microsoft.com/"]http://*.windowsupdate.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://office.microsoft.com/"]http://office.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://windowsupdate.microsoft.com/"]http://windowsupdate.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://wxpsp2.microsoft.com/"]http://wxpsp2.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://xpsp1.microsoft.com/"]http://xpsp1.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://w2ksp4.microsoft.com/"]http://w2ksp4.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://download.microsoft.com/"]http://download.microsoft.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://download.macromedia.com/"]http://download.macromedia.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="ftp://ftp.nai.com/"]ftp://ftp.nai.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern [url="http://ftp.software.ibm.com/"]http://ftp.software.ibm.com/[/url] 0 80% 20160 reload-into-ims
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]acl all src 0.0.0.0/0.0.0.0
acl localnet src 192.168.0.0/255.255.255.0
acl localip src x.x.x.x/255.255.255.255
acl users src x.x.x.x/255.255.255.x
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]acl x src x.x.x.0/255.255.255.0[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]acl x src x.x.x.x/255.255.255.0[/font]
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl ssl_ports port 873
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmto
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl purge method PURGE
acl CONNECT method CONNECT
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]http_access allow manager localhost
http_access deny localip
http_access allow localnet
http_access allow users
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]http_access deny mori[/font]
[/right]
[/size][font=Courier New (Arabic)][size=2][right]#[/size][/font][size=2][font=Times New Roman]http_access deny morilocal[/font]
http_access deny manager
http_access deny !Safe_ports
http_access allow purge localhost
http_access deny CONNECT !SSL_ports
http_access deny purge
http_access deny to_localhost
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]http_access allow localhost
http_access deny all
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]http_reply_access allow all
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]cache_effective_user squid
cache_effective_group squid
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]half_closed_clients on
cache_swap_high 100%
cache_swap_low 80%
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]visible_hostname localhost[/size][font=Courier New (Arabic)][size=2]
[/right]
[/size][/font][size=2][right]cache_mgr [/size][font=Courier New (Arabic)][size=2]
[/right]
[/size][/font][size=2][right]httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]quick_abort_min 32 KB
quick_abort_max 32 KB
quick_abort_pct 95
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]negative_ttl 3 minutes
positive_dns_ttl 6 hours
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]pipeline_prefetch on
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]acl Media urlpath_regex -i \.arj?$ \.au?$ \.asf?$ \.aif?$ \.avi?$ \.bz2?$ \.bin?$ \.cab?$ \.exe?$ \.iso?$ \.msi?$ \.mp3?$ \.mpg?$ \.mpe?$ \.mpeg?$ \.mp2?$ \.mov?$ \.qt?$ \.raw?$ \.ram?$ \.ra?$ \.rar?$ \.rm?$ \.rpm?$ \.tar?$ \.tar.gz?$ \.tgz?$ \.wmv?$ \.wma?$ \.wav?$ \.zip?$ \.mmf?$ \.sis?$ \.midi?$ \.3gp?$ \.psf[/size][font=Courier New (Arabic)][size=2]?$
[/right]
[/size][/font][size=2][right]delay_pools 1
delay_class 1 2
delay_parameters 1 -1/-1 10000/3000000 5000/50000000 3000/10000000 1000/15000000
delay_access 1 allow Media
[/right]
[/size][font=Courier New (Arabic)][size=2][right]
[/right]
[/size][/font][size=2][right]اينم ارسي
[/right]
[size=2][right]
# [/size][font=Courier New][size=2]This script will be executed *after* all the other init scripts[/size][/font][size=2].
# [/size][font=Courier New][size=2]You can put your own initialization stuff in here if you don't
[/right]
[/size][/font][size=2][right]# [/size][font=Courier New][size=2]want to do the full Sys V style init stuff[/size][/font][size=2].
[/right]
[/size][font=Courier New][size=2][right]touch /var/lock/subsys/local
[/right]
[/size][/font][size=2][right]
[/right]
[/size][font=Courier New][size=2][right]echo 1 > /proc/sys/net/ipv4/ip_forward
[/right]
[/size][/font][size=2][right]
[/right]
[/size][font=Courier New][size=2][right]iptables --flush --table nat
iptables --flush --table filter
iptables -t filter -A FORWARD -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
[/right]
[/size][/font][size=2][right]
#/[/size][font=Courier New][size=2]usr/local/squid/sbin/squid[/size][/font]
[font=Courier New][size=2]لطف كنيد كمك كنيد
[/right]
[/size][/font][/size]
دوست من
شما rc.local رو به اینصورت تنظیم کن و بعد از ریستارت کردن سیستم در صورت بروز مشکلLog های اسکویید را چک بفرما و Error حاصل را قید بفرما :
[CODE]iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128
echo "1">/proc/sys/net/ipv4/ip_forward
/usr/local/squid/bin/RunCache &[/CODE]
اول cache_mem شما خیلی بالاست
بهتره 512 به 128 یا 64 تغیر بدید
بعد این دستور به rc.local اضافه کنید
echo 1 >/proc/sys/net/ipv4/ip_forward
بعد این فایل ویرایش کنید
sysctl.con
تو شاخه etc
ip_forward مقدارش 0 است اونو به 1 تغیر دهید
کمی هم squid.conf مرتب کنید
خیلی شرت و پرت توش
سلام
آقا سامان من دستوراتي را كه دادين انجام دادم.بازم نشد.اصلا" ip_forward يك نمي شه.
ديوانه شدم
دوست عزیز
از چه توزیع لینوکسی استفاده می کنی؟ چه تعداد کارت شبکه داری؟ روی این سیستم سرویس های دیگه ای هم ارایه میدی؟
با دو كارت شبكه
redhat en3