forum.opennet.ru

Составление сообщения

Исходное сообщение

"transparent squid + parent proxy"
Отправлено sergey, 31-Мрт-08 13:52

Обстановка такая: сконфигурировал проски на работу с родительским прокси провайдера, но трафик с моего сквида продолжает переть напрямую в инет не заходя на родителя.
[root@localgate squid]# uname -a
Linux localgate.adrem.local 2.6.18-std-smp-alt7 #1 SMP Sat Aug 4 00:07:54 MSD 2007 i686 GNU/Linux

[root@localgate squid]# squid -v
Squid Cache: Version 2.6.STABLE18
configure options:  '--build=i586-alt-linux' '--host=i586-alt-linux' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-dependency-tracking' '--without-included-gettext' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--localstatedir=/var' '--sysconfdir=/etc/squid' '--datadir=/usr/share/squid' '--disable-poll' '--enable-epoll' '--enable-snmp' '--enable-removal-policies=lru heap' '--enable-delay-pools' '--enable-icmp' '--enable-htcp' '--enable-async-io=16' '--enable-useragent-log' '--enable-wccp' '--enable-wccpv2' '--with-gnu-regex' '--enable-arp-acl' '--enable-ssl' '--enable-forw-via-db' '--enable-follow-x-forwarded-for' '--enable-forward-log' '--enable-referer-log' '--enable-ident-lookups' '--enable-carp' '--enable-ntlm-fail-open' '--enable-cache-digests' '--enable-x-accelerator-vary' '--enable-auth=basic ntlm digest negotiate' '--enable-basic-auth-helpers=DB LDAP MSNT NCSA PAM POP3 SASL SMB YP getpwnam multi-domain-NTLM' '--enable-ntlm-auth-helpers=SMB fakeauth no_check' '--enable-digest-auth-helpers=ldap password eDirectory' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user ldap_group unix_group session wbinfo_group' '--enable-storeio=aufs coss diskd null ufs' '--enable-default-err-language=English' '--with-large-files' '--enable-large-cache-files' '--enable-icap-support' '--enable-multicast-miss' '--enable-underscores' '--enable-fd-config' '--with-maxfd=16384' 'build_alias=i586-alt-linux' 'host_alias=i586-alt-linux' 'CFLAGS=-pipe -Wall -O2 -march=i586 -mtune=i686'
[root@localgate squid]# iptables -L -v -n
Chain INPUT (policy DROP 4 packets, 1534 bytes)
pkts bytes target     prot opt in     out     source               destination
  194 41479 ACCEPT     0    --  lo     *       0.0.0.0/0            0.0.0.0/0
12935 2164K ACCEPT     0    --  *      *       192.168.0.0/24       0.0.0.0/0
  125 14411 ACCEPT     tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           multiport sports 21,25,53,110,143,443,3128,3130,5190,5222,30025,30110
  112  5224 ACCEPT     tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           multiport dports 21,22
12111   12M ACCEPT     tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           multiport dports 1024:65535
    0     0 ACCEPT     udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp spt:53
    0     0 ACCEPT     tcp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     udp  --  ppp0   *       0.0.0.0/0            0.0.0.0/0
   95  5634 ACCEPT     icmp --  eth1   *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     icmp --  ppp0   *       0.0.0.0/0            0.0.0.0/0
Chain FORWARD (policy DROP 49 packets, 2841 bytes)
pkts bytes target     prot opt in     out     source               destination
  184 11514 ACCEPT     udp  --  eth0   eth1    192.168.0.1          0.0.0.0/0           udp dpt:53
  183 42503 ACCEPT     udp  --  eth1   eth0    0.0.0.0/0            192.168.0.1         udp spt:53
    0     0 ACCEPT     tcp  --  eth0   eth1    192.168.0.1          0.0.0.0/0           tcp dpt:53
    0     0 ACCEPT     tcp  --  eth1   eth0    0.0.0.0/0            192.168.0.1         tcp spt:53
4185  856K ACCEPT     tcp  --  *      *       192.168.0.0/24       0.0.0.0/0           multiport dports 25,110,443,5190,5222,30025,30110,4899
5281 3710K ACCEPT     tcp  --  *      *       0.0.0.0/0            192.168.0.0/24      multiport sports 25,110,443,5190,5222,30025,30110,4899
   19  1596 ACCEPT     udp  --  *      *       192.168.0.0/24       0.0.0.0/0           udp dpt:87
   19   988 ACCEPT     udp  --  *      *       0.0.0.0/0            192.168.0.0/24      udp spt:87
    0     0 ACCEPT     tcp  --  *      *       192.168.0.11         193.109.114.130
    0     0 ACCEPT     tcp  --  *      *       193.109.114.130      192.168.0.11
    0     0 ACCEPT     0    --  *      ppp0    192.168.0.0/24       0.0.0.0/0
    0     0 ACCEPT     0    --  ppp0   *       0.0.0.0/0            192.168.0.0/24
    0     0 ACCEPT     icmp --  *      *       192.168.0.0/24       0.0.0.0/0
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            192.168.0.0/24
Chain OUTPUT (policy ACCEPT 1241K packets, 526M bytes)
pkts bytes target     prot opt in     out     source               destination
[root@localgate squid]# iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 17772 packets, 1764K bytes)
pkts bytes target     prot opt in     out     source               destination
  817 39216 REDIRECT   tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80 redir ports 3128
Chain POSTROUTING (policy ACCEPT 21814 packets, 1227K bytes)
pkts bytes target     prot opt in     out     source               destination
  138  7372 MASQUERADE  0    --  *      eth1    192.168.0.0/24       0.0.0.0/0
    0     0 MASQUERADE  0    --  *      ppp0    192.168.0.0/24       0.0.0.0/0
Chain OUTPUT (policy ACCEPT 22078 packets, 1241K bytes)
pkts bytes target     prot opt in     out     source               destination
[root@localgate squid]# cat squid.conf|grep ^[^#]
acl _sams_47d785f4cf21d src "/etc/squid/47d785f4cf21d.sams"
acl _sams_47d79752d4b6e src "/etc/squid/47d79752d4b6e.sams"
acl _sams_47d79782ca8c6 src "/etc/squid/47d79782ca8c6.sams"
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443          # https
acl SSL_ports port 563          # snews
acl Rsync_ports port 873
acl Jabber_ports port 5222 5223
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 563         # snews
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 631         # cups
acl Safe_ports port 873         # rsync
acl Safe_ports port 901         # SWAT
acl CONNECT method CONNECT
http_access allow _sams_47d785f4cf21d
http_access allow _sams_47d79752d4b6e
http_access allow _sams_47d79782ca8c6
http_access allow all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports !Jabber_ports !Rsync_ports
http_access allow localhost
http_access deny all
http_port 192.168.0.2:3128 transparent
cache_peer proxy.mplik.ru parent 3128 3130
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
url_rewrite_program /usr/bin/samsredir
url_rewrite_children 10
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
refresh_pattern ^ftp:         &n... 1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
visible_hostname localgate
always_direct allow all
coredump_dir /var/spool/squid

[root@localgate squid]# tail -n 40 /var/log/squid/cache.log
2008/03/31 15:12:15| User-Agent logging is disabled.
2008/03/31 15:12:15| Referer logging is disabled.
2008/03/31 15:12:15| DNS Socket created at 0.0.0.0, port 32813, FD 8
2008/03/31 15:12:15| Adding nameserver 192.168.0.1 from /etc/resolv.conf
2008/03/31 15:12:15| Adding domain adrem.local from /etc/resolv.conf
2008/03/31 15:12:15| helperOpenServers: Starting 10 'samsredir' processes
2008/03/31 15:12:15| Unlinkd pipe opened on FD 26
2008/03/31 15:12:15| Accepting transparently proxied HTTP connections at 192.168.0.2, port 3128, FD 24.
2008/03/31 15:12:15| Accepting ICP messages at 0.0.0.0, port 3130, FD 25.
2008/03/31 15:12:15| HTCP Disabled.
2008/03/31 15:12:15| WCCP Disabled.
2008/03/31 15:12:15| Pinger socket opened on FD 27
2008/03/31 15:12:15| Configuring Parent proxy.mplik.ru/3128/3130
2008/03/31 15:12:15| Loaded Icons.
2008/03/31 15:12:15| Ready to serve requests.
2008/03/31 15:12:45| netdbExchangeHandleReply: corrupt data, aborting
2008/03/31 15:20:35| WARNING: All url_rewriter processes are busy.
2008/03/31 15:20:35| WARNING: up to 11 pending requests queued
2008/03/31 15:45:12| NETDB state saved; 370 entries, 2 msec
2008/03/31 15:48:37| Reconfiguring Squid Cache (version 2.6.STABLE18)...
2008/03/31 15:48:37| FD 24 Closing HTTP connection
2008/03/31 15:48:37| Closing Pinger socket on FD 27
2008/03/31 15:48:37| FD 25 Closing ICP connection
2008/03/31 15:48:37| Closing unlinkd pipe on FD 26
2008/03/31 15:48:37| Initialising SSL.
2008/03/31 15:48:37| User-Agent logging is disabled.
2008/03/31 15:48:37| Referer logging is disabled.
2008/03/31 15:48:37| DNS Socket created at 0.0.0.0, port 32814, FD 8
2008/03/31 15:48:37| Adding nameserver 192.168.0.1 from /etc/resolv.conf
2008/03/31 15:48:37| Adding domain adrem.local from /etc/resolv.conf
2008/03/31 15:48:37| helperOpenServers: Starting 10 'samsredir' processes
2008/03/31 15:48:37| Unlinkd pipe opened on FD 26
2008/03/31 15:48:37| Accepting transparently proxied HTTP connections at 192.168.0.2, port 3128, FD 24.
2008/03/31 15:48:37| Accepting ICP messages at 0.0.0.0, port 3130, FD 25.
2008/03/31 15:48:37| HTCP Disabled.
2008/03/31 15:48:37| WCCP Disabled.
2008/03/31 15:48:37| Pinger socket opened on FD 27
2008/03/31 15:48:37| Configuring Parent proxy.mplik.ru/3128/3130
2008/03/31 15:48:37| Loaded Icons.
2008/03/31 15:48:37| Ready to serve requests.
2008/03/31 15:49:15| netdbExchangeHandleReply: corrupt data, aborting
[root@localgate squid]#

для того чтоб наверняка мой шлюз не шел в инет самостоятельно по http пишу в iptables

iptables -A OUTPUT -p tcp -o "внешняя сетевка" --dport 80 -j DROP

пробую из внутренней сети вылезти на какойнидь сайт - ничего не происходит, а если посмотреть счетчики iptables по новому правилу - они растут ка раз в соответствии с запросами клиентского браузера.

У кого есть мысли по этому поводу буду очень благодарен

Исходное сообщение
"transparent squid + parent proxy" Отправлено sergey, 31-Мрт-08 13:52
Обстановка такая: сконфигурировал проски на работу с родительским прокси провайдера, но трафик с моего сквида продолжает переть напрямую в инет не заходя на родителя. [root@localgate squid]# uname -a Linux localgate.adrem.local 2.6.18-std-smp-alt7 #1 SMP Sat Aug 4 00:07:54 MSD 2007 i686 GNU/Linux [root@localgate squid]# squid -v Squid Cache: Version 2.6.STABLE18 configure options: '--build=i586-alt-linux' '--host=i586-alt-linux' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/lib' '--localstatedir=/var/lib' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-dependency-tracking' '--without-included-gettext' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--localstatedir=/var' '--sysconfdir=/etc/squid' '--datadir=/usr/share/squid' '--disable-poll' '--enable-epoll' '--enable-snmp' '--enable-removal-policies=lru heap' '--enable-delay-pools' '--enable-icmp' '--enable-htcp' '--enable-async-io=16' '--enable-useragent-log' '--enable-wccp' '--enable-wccpv2' '--with-gnu-regex' '--enable-arp-acl' '--enable-ssl' '--enable-forw-via-db' '--enable-follow-x-forwarded-for' '--enable-forward-log' '--enable-referer-log' '--enable-ident-lookups' '--enable-carp' '--enable-ntlm-fail-open' '--enable-cache-digests' '--enable-x-accelerator-vary' '--enable-auth=basic ntlm digest negotiate' '--enable-basic-auth-helpers=DB LDAP MSNT NCSA PAM POP3 SASL SMB YP getpwnam multi-domain-NTLM' '--enable-ntlm-auth-helpers=SMB fakeauth no_check' '--enable-digest-auth-helpers=ldap password eDirectory' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user ldap_group unix_group session wbinfo_group' '--enable-storeio=aufs coss diskd null ufs' '--enable-default-err-language=English' '--with-large-files' '--enable-large-cache-files' '--enable-icap-support' '--enable-multicast-miss' '--enable-underscores' '--enable-fd-config' '--with-maxfd=16384' 'build_alias=i586-alt-linux' 'host_alias=i586-alt-linux' 'CFLAGS=-pipe -Wall -O2 -march=i586 -mtune=i686' [root@localgate squid]# iptables -L -v -n Chain INPUT (policy DROP 4 packets, 1534 bytes) pkts bytes target prot opt in out source destination 194 41479 ACCEPT 0 -- lo * 0.0.0.0/0 0.0.0.0/0 12935 2164K ACCEPT 0 -- * * 192.168.0.0/24 0.0.0.0/0 125 14411 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 multiport sports 21,25,53,110,143,443,3128,3130,5190,5222,30025,30110 112 5224 ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22 12111 12M ACCEPT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 multiport dports 1024:65535 0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp spt:53 0 0 ACCEPT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 95 5634 ACCEPT icmp -- eth1 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT icmp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 49 packets, 2841 bytes) pkts bytes target prot opt in out source destination 184 11514 ACCEPT udp -- eth0 eth1 192.168.0.1 0.0.0.0/0 udp dpt:53 183 42503 ACCEPT udp -- eth1 eth0 0.0.0.0/0 192.168.0.1 udp spt:53 0 0 ACCEPT tcp -- eth0 eth1 192.168.0.1 0.0.0.0/0 tcp dpt:53 0 0 ACCEPT tcp -- eth1 eth0 0.0.0.0/0 192.168.0.1 tcp spt:53 4185 856K ACCEPT tcp -- * * 192.168.0.0/24 0.0.0.0/0 multiport dports 25,110,443,5190,5222,30025,30110,4899 5281 3710K ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.0/24 multiport sports 25,110,443,5190,5222,30025,30110,4899 19 1596 ACCEPT udp -- * * 192.168.0.0/24 0.0.0.0/0 udp dpt:87 19 988 ACCEPT udp -- * * 0.0.0.0/0 192.168.0.0/24 udp spt:87 0 0 ACCEPT tcp -- * * 192.168.0.11 193.109.114.130 0 0 ACCEPT tcp -- * * 193.109.114.130 192.168.0.11 0 0 ACCEPT 0 -- * ppp0 192.168.0.0/24 0.0.0.0/0 0 0 ACCEPT 0 -- ppp0 * 0.0.0.0/0 192.168.0.0/24 0 0 ACCEPT icmp -- * * 192.168.0.0/24 0.0.0.0/0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 192.168.0.0/24 Chain OUTPUT (policy ACCEPT 1241K packets, 526M bytes) pkts bytes target prot opt in out source destination [root@localgate squid]# iptables -t nat -L -v -n Chain PREROUTING (policy ACCEPT 17772 packets, 1764K bytes) pkts bytes target prot opt in out source destination 817 39216 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 3128 Chain POSTROUTING (policy ACCEPT 21814 packets, 1227K bytes) pkts bytes target prot opt in out source destination 138 7372 MASQUERADE 0 -- * eth1 192.168.0.0/24 0.0.0.0/0 0 0 MASQUERADE 0 -- * ppp0 192.168.0.0/24 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 22078 packets, 1241K bytes) pkts bytes target prot opt in out source destination [root@localgate squid]# cat squid.conf\|grep ^[^#] acl _sams_47d785f4cf21d src "/etc/squid/47d785f4cf21d.sams" acl _sams_47d79752d4b6e src "/etc/squid/47d79752d4b6e.sams" acl _sams_47d79782ca8c6 src "/etc/squid/47d79782ca8c6.sams" acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl Rsync_ports port 873 acl Jabber_ports port 5222 5223 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 563 # snews acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl CONNECT method CONNECT http_access allow _sams_47d785f4cf21d http_access allow _sams_47d79752d4b6e http_access allow _sams_47d79782ca8c6 http_access allow all http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports !Jabber_ports !Rsync_ports http_access allow localhost http_access deny all http_port 192.168.0.2:3128 transparent cache_peer proxy.mplik.ru parent 3128 3130 hierarchy_stoplist cgi-bin ? access_log /var/log/squid/access.log squid url_rewrite_program /usr/bin/samsredir url_rewrite_children 10 acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: &n... 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl apache rep_header Server ^Apache broken_vary_encoding allow apache visible_hostname localgate always_direct allow all coredump_dir /var/spool/squid [root@localgate squid]# tail -n 40 /var/log/squid/cache.log 2008/03/31 15:12:15\| User-Agent logging is disabled. 2008/03/31 15:12:15\| Referer logging is disabled. 2008/03/31 15:12:15\| DNS Socket created at 0.0.0.0, port 32813, FD 8 2008/03/31 15:12:15\| Adding nameserver 192.168.0.1 from /etc/resolv.conf 2008/03/31 15:12:15\| Adding domain adrem.local from /etc/resolv.conf 2008/03/31 15:12:15\| helperOpenServers: Starting 10 'samsredir' processes 2008/03/31 15:12:15\| Unlinkd pipe opened on FD 26 2008/03/31 15:12:15\| Accepting transparently proxied HTTP connections at 192.168.0.2, port 3128, FD 24. 2008/03/31 15:12:15\| Accepting ICP messages at 0.0.0.0, port 3130, FD 25. 2008/03/31 15:12:15\| HTCP Disabled. 2008/03/31 15:12:15\| WCCP Disabled. 2008/03/31 15:12:15\| Pinger socket opened on FD 27 2008/03/31 15:12:15\| Configuring Parent proxy.mplik.ru/3128/3130 2008/03/31 15:12:15\| Loaded Icons. 2008/03/31 15:12:15\| Ready to serve requests. 2008/03/31 15:12:45\| netdbExchangeHandleReply: corrupt data, aborting 2008/03/31 15:20:35\| WARNING: All url_rewriter processes are busy. 2008/03/31 15:20:35\| WARNING: up to 11 pending requests queued 2008/03/31 15:45:12\| NETDB state saved; 370 entries, 2 msec 2008/03/31 15:48:37\| Reconfiguring Squid Cache (version 2.6.STABLE18)... 2008/03/31 15:48:37\| FD 24 Closing HTTP connection 2008/03/31 15:48:37\| Closing Pinger socket on FD 27 2008/03/31 15:48:37\| FD 25 Closing ICP connection 2008/03/31 15:48:37\| Closing unlinkd pipe on FD 26 2008/03/31 15:48:37\| Initialising SSL. 2008/03/31 15:48:37\| User-Agent logging is disabled. 2008/03/31 15:48:37\| Referer logging is disabled. 2008/03/31 15:48:37\| DNS Socket created at 0.0.0.0, port 32814, FD 8 2008/03/31 15:48:37\| Adding nameserver 192.168.0.1 from /etc/resolv.conf 2008/03/31 15:48:37\| Adding domain adrem.local from /etc/resolv.conf 2008/03/31 15:48:37\| helperOpenServers: Starting 10 'samsredir' processes 2008/03/31 15:48:37\| Unlinkd pipe opened on FD 26 2008/03/31 15:48:37\| Accepting transparently proxied HTTP connections at 192.168.0.2, port 3128, FD 24. 2008/03/31 15:48:37\| Accepting ICP messages at 0.0.0.0, port 3130, FD 25. 2008/03/31 15:48:37\| HTCP Disabled. 2008/03/31 15:48:37\| WCCP Disabled. 2008/03/31 15:48:37\| Pinger socket opened on FD 27 2008/03/31 15:48:37\| Configuring Parent proxy.mplik.ru/3128/3130 2008/03/31 15:48:37\| Loaded Icons. 2008/03/31 15:48:37\| Ready to serve requests. 2008/03/31 15:49:15\| netdbExchangeHandleReply: corrupt data, aborting [root@localgate squid]# для того чтоб наверняка мой шлюз не шел в инет самостоятельно по http пишу в iptables iptables -A OUTPUT -p tcp -o "внешняя сетевка" --dport 80 -j DROP пробую из внутренней сети вылезти на какойнидь сайт - ничего не происходит, а если посмотреть счетчики iptables по новому правилу - они растут ка раз в соответствии с запросами клиентского браузера. У кого есть мысли по этому поводу буду очень благодарен

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру