squid для WL-500gP

Quote:

---

Originally Posted by oleg71

×òî-ò òåìà ãëîõíåò
íèêòî ÷òî-ëü íå ïîëüçóåòñÿ squid"îì
ãîâîðÿò ýêîíîìèò òðàôôèê!
×òî äóìàåòå? ïî ýòîìó ïîâîäó.

---

squid ðóë¸ç!
òåìà íå ãëîõíåò.. ïðîñòî ïðî÷èòàâ âåòêó íàõîäèøü 100% îòâåòîâ!!!!

ýêîíîìèþ òðàôèêà íå çàìåðÿë, íî âèäèìî äîëæåí áûòü ò.ê. êýø â íåêîòîðûõ ñëó÷àÿõ áûñòðåå ìåäëåííîãî èíòåðíåòó!!!

Quote:

---

Originally Posted by serji

squid ðóë¸ç!
òåìà íå ãëîõíåò.. ïðîñòî ïðî÷èòàâ âåòêó íàõîäèøü 100% îòâåòîâ!!!!

ýêîíîìèþ òðàôèêà íå çàìåðÿë, íî âèäèìî äîëæåí áûòü ò.ê. êýø â íåêîòîðûõ ñëó÷àÿõ áûñòðåå ìåäëåííîãî èíòåðíåòó!!!

---

Ðóëåç, ðóëåç!

Âîò ïî ñòàòèñòèêå è àíàëèçó ëîãîâ squid"à ó ìåíÿ çàñàäà...
ïîñîâåòóéòå, î÷åíü íóæíî ìàëîâåñíîå... ëåãêîå :)

Quote:

---

Originally Posted by oleg71

×òî-ò òåìà ãëîõíåò
íèêòî ÷òî-ëü íå ïîëüçóåòñÿ squid"îì
ãîâîðÿò ýêîíîìèò òðàôôèê!
×òî äóìàåòå? ïî ýòîìó ïîâîäó.

---

êàê ýòî ñäåëàòü? ñæèìàòü òðàôèê gzip? íî êàê ýòî ñäåëàòü?
êòî áû åùå ñêîìïèëèðîâàë squidguard ïîä ðîóòåð

Quote:

---

Originally Posted by oleg71

Ðóëåç, ðóëåç!

Âîò ïî ñòàòèñòèêå è àíàëèçó ëîãîâ squid"à ó ìåíÿ çàñàäà...
ïîñîâåòóéòå, î÷åíü íóæíî ìàëîâåñíîå... ëåãêîå :)

---

ïîñòàâèë lightsquid
óäîáíî, íå ñêàæó ÷òî ëåãêàÿ, íî ðàáîòàåò 8)

Quote:

---

Originally Posted by serji

ïîñòàâèë lightsquid
óäîáíî, íå ñêàæó ÷òî ëåãêàÿ, íî ðàáîòàåò 8)

---

LightSquid
Required software:
Perl :eek:
http server (Apache, lighthttpd, etc)
Squid
Cron

äà óæ, ëåãîíüêèé :D

×òî äóìàåòå ïðî cachemangr îò ñàìîãî squid'a ?
íî ãàä òîæå php òðåáóåò.

ìíå êàæåòñÿ îíè âñå îäèíàêîâûå.....
è ðåñóðñîâ æðóò ÎÃÐÎÌÅÍÍÎÅ êîëè÷åñòâî...
====================
ñêîëüêî ðîóòåð íå íàïè÷êèâàé,
à ñåðâåðîì îí íå ñòàíåò 8((

Quote:

---

Originally Posted by lagshmi

êàê ýòî ñäåëàòü? ñæèìàòü òðàôèê gzip? íî êàê ýòî ñäåëàòü?
êòî áû åùå ñêîìïèëèðîâàë squidguard ïîä ðîóòåð

---

Ïîëüçîâàëñÿ toonel òîæå ñæèìàåò, íî ÈÌÕÎ ñæàòèå-ðàçæàòèå ýòî îäíî, à òóò êýø, äàííûå áåðóòñÿ ñ íåãî, íå òðàòèòñÿ âðåìÿ íà ñæàòèå-ðàçæàòèå. Êðóã ñàéòîâ ïîñåùåíèé â èíåòå âñå ðàâíî åñòü, ïîýòîìó ýêîíîìèÿ åñòü.
Õì, ìíå êàçàëîñü, ÷òî squidguard åñòü.

Ïîäñêàæèòå, ïîæàëóéñòà, ñîçäàë òåìó î rtorrente, 2 ïðîâàéäåðàõ, ñêàçàëè ÷òî ïîìîæåò òîëüêî proxy ñåðâåð â ðàñïðåäåëåíèè ïîòîêîâ èíôîðìàöèè (down - ó áåçëèìèòíîãî ïðîâàéäåðà, à up - ÷åðåç ïðîâàéäåðà ñ áåçëèìèòíûì èñõîäÿùèì êàíàëîì).

Êàêèå íàñòðîéêè squida íåîáõîäèìî ñäåëàòü, ÷òîáû äàííàÿ ñõåìà çàðàáîòàëà?

Quote:

---

Originally Posted by garry111

Ïîäñêàæèòå, ïîæàëóéñòà, ñîçäàë òåìó î rtorrente, 2 ïðîâàéäåðàõ, ñêàçàëè ÷òî ïîìîæåò òîëüêî proxy ñåðâåð â ðàñïðåäåëåíèè ïîòîêîâ èíôîðìàöèè (down - ó áåçëèìèòíîãî ïðîâàéäåðà, à up - ÷åðåç ïðîâàéäåðà ñ áåçëèìèòíûì èñõîäÿùèì êàíàëîì).

Êàêèå íàñòðîéêè squida íåîáõîäèìî ñäåëàòü, ÷òîáû äàííàÿ ñõåìà çàðàáîòàëà?

---

squid òóò íåïðè÷åì. ó÷è ìàò÷àñòü.

ìîæåò ó êîãî åñòü squidguard ïîä íàøó ïðîøèâêó?:D

asdd â ìîåé òåìå ñêàçàë, ÷òî îáÿçàòåëüíî íóæåí ïðîêñè, à ñêâèä ñàìûé èçâåñòíûé ïðîêñè.
Ïðî ìàò÷àñòü ÿ òî ãîòîâ ó÷èòü, íî ÷òî êîíêðåòíî, íå çíàþ.

Quote:

---

Originally Posted by oleg71

LightSquid
Required software:

---

Íó, ÿ äîïóñòèì, ñíèìàþ ñòàòèñòèêó îäèí ðàç â ñóòêè...íî÷üþ, ïîýòîìó îñîáî íå ïàðóñü ïî ïîâîäó çàãðóçêè ðîóòåðà.

à ðåàëüíî íà ðîóòåðå squid çàñòàâèòü àâòîðèçîâàòü þçåðîâ èç AD?

Quote:

---

Originally Posted by atomsk

à ðåàëüíî íà ðîóòåðå squid çàñòàâèòü àâòîðèçîâàòü þçåðîâ èç AD?

---

Êîíå÷íî, òî÷íî ïî òåì-æå ïðàâèëàì, ÷òî è íà áîëüøîì Ëèíóêñå.

íàäî òîãäà ðîóòåð â äîìåí ââåñòè, ò.å. íóæåí kerberos, à îí ó ìåíÿ íèêàê íå õî÷åò ïîñåëèòüñÿ íà ðîóòåðå

Quote:

---

Originally Posted by Less

À Âû ïîñòàâòå ðàç â ÷àñ, 5 èëè 24.
Âàì àêòóàëüíà ðèàë òàéì ñòàòèñòèêà?

Ï.Ñ. äëÿ òåêóùèõ ñîåäèíåíèé ìîæíî ïîëüçîâàòü sqstat 1.2 sqstat

---

ïîïûòàëñÿ íàñòðîèòü SqStat

ïðè îáðàùåíèè ïèøåò

Code:

---

SqStat error
Error (1): Cannot get data. Server answered: HTTP/1.0 401 Unauthorized

---

Quote:

---

http://209.85.129.132/search?q=cache...TF-8&inlang=ru

Îøèáêà (1): Íå óäàåòñÿ ïîëó÷èòü äàííûå. Ñåðâåð îòâå÷àåò: HTTP/1.0 403 Çàïðåùåíî
Ýòî ïðîèñõîäèò ïîòîìó, ÷òî ìû ñòàâèì ñêðèïò: http_access îòðèöàòü ìåíåäæåð ôàéëîâ
squid.conf. Tempatkanlah ñöåíàðèé ÿâëÿåòñÿ íàèáîëåå âíèç ïî ïóíêòó http_access.

---

ïðè äîáàâëåíèè ôàéëà HOSTS.TXT ïîêàçûâàåò ïóñòóþ ñòðàíèöó...


Ãäå êîïàòü??

Quote:

---

Originally Posted by serji

ïîïûòàëñÿ íàñòðîèòü SqStat

ïðè îáðàùåíèè ïèøåò

Code:

---

SqStat error
Error (1): Cannot get data. Server answered: HTTP/1.0 401 Unauthorized

---

ïðè äîáàâëåíèè ôàéëà HOSTS.TXT ïîêàçûâàåò ïóñòóþ ñòðàíèöó...
Ãäå êîïàòü??

---

Îòêóäà Âû âçÿëè, ôàéë HOSTS.TXT? Äàííûé åíåîáõîäèìî âíîñèòü â

Code:

---

/etc/hosts

---

Âîò ìîé config.inc.php äëÿ sqStat

PHP Code:

---

<?php
/* global settings */

$use_js=true; // use javascript for the HTML toolkits

// Maximum URL length to display in URI table column
DEFINE("SQSTAT_SHOWLEN",60);

/* proxy settings */

/* Squid proxy server ip address or host name */
$squidhost[0]="localhost";
/* Squid proxy server port */
$squidport[0]=3128;
/* cachemgr_passwd in squid.conf. Leave blank to disable authorisation */
$cachemgr_passwd[0]="pro99st0";
/* Resolve user IP addresses or print them as numbers only [true|false] */
$resolveip[0]=true;
/* uncomment next line if you want to use hosts-like file.
   See hosts.txt.dist. */
// $hosts_file[0]="hosts.txt"
/* Group users by hostname - "host" or by User - "username". Username work only
   with squid 2.6+ */
$group_by[0]="host";
?>

---

Òàêæå Âû ÷èòàëè

Code:

---

/docs/README

---

Code:

---

  3. Edit your squid.conf to allow cachemgr protocol:

      acl manager proto cache_object
      # replace 10.0.0.1 with your webserver IP
      acl webserver src 10.0.0.1/255.255.255.255
      http_access allow manager webserver
      http_access deny manager

---

ïîìîãèòå ñ ââîäîì â äîìåí ASUSèêà ! )

×òî Âû èìååòå ââèäó? Ñ êàêîé öåëüþ Âàì ýòî íåîáõîäèìî?

÷òîáû ñêâèä þçåðîâ èç äîìåíà áðàë
ïîíèìàþ ðîóòåðó áóäåò òÿæåëî, íî ïîïðîáîâàòü õî÷åòñÿ

Quote:

---

Originally Posted by atomsk

÷òîáû ñêâèä þçåðîâ èç äîìåíà áðàë
ïîíèìàþ ðîóòåðó áóäåò òÿæåëî, íî ïîïðîáîâàòü õî÷åòñÿ

---

Íóæíû ïàêåòû kerberos, samba, squid.
Ïåðâîãî íåò ñðåäè ïàêåòîâ, ïðèä¸òñÿ ñîáèðàòü ñàìîìó.
Äàëüøå - http://www.google.com/search?q=squid+ad

êàê ðàç òàêè ïðîáëåìà â ñáîðêå êåðáåðîñà ïîä ðîóòåð...:(

Quote:

---

Originally Posted by atomsk

êàê ðàç òàêè ïðîáëåìà â ñáîðêå êåðáåðîñà ïîä ðîóòåð...:(

---

â òîì òî è áåäà, âðîäå ìîæíî ÷åðåç ðàäèóñ íî squid ñîáðàí áåç åãî ïîääåðæêè :(
[admin@gate root]$ squid -v
Squid Cache: Version 2.7.STABLE6
configure options: '--build=i386-pc-linux-gnu' '--host=mipsel-linux' '--target=mipsel-linux' '--prefix=/opt' '--bindir=/opt/
bin' '--sbindir=/opt/sbin' '--libexecdir=/opt/libexec' '--datadir=/opt/share/squid' '--sysconfdir=/opt/etc/squid' '--sharedst
atedir=/opt/com/squid' '--localstatedir=/opt/var/squid' '--libdir=/opt/lib' '--includedir=/opt/include' '--oldincludedir=/opt
/include' '--infodir=/opt/info' '--mandir=/opt/man' '--disable-epoll' '--enable-basic-auth-helpers=NCSA' '--disable-nls' '--e
nable-storeio=ufs,null' '--disable-carp' '--disable-wccp' '--disable-wccpv2' '--enable-delay-pools' '--enable-kill-parent-hac
k' '--enable-err-language=Russian-1251' '--enable-default-err-language=Russian-1251' '--disable-ident-lookups' 'build_alias=i
386-pc-linux-gnu' 'host_alias=mipsel-linux' 'target_alias=mipsel-linux' 'CC=/opt/optware/toolchain/mipsel-linux-uclibc/gcc-4.
1.1-uclibc-0.9.28/bin/mipsel-linux-uclibc-gcc' 'LDFLAGS= -L/opt/optware/staging/opt/lib -Wl,-rpath,/opt/lib -Wl,-rpath-link,/
opt/optware/staging/opt/lib ' 'CPPFLAGS=-O2 -pipe -I/opt/optware/staging/opt/include ' 'CPP=/opt/optware/toolchain/mipsel-
linux-uclibc/gcc-4.1.1-uclibc-0.9.28/bin/mipsel-linux-uclibc-gcc -E'

Quote:

---

Originally Posted by Less

Îòêóäà Âû âçÿëè, ôàéë HOSTS.TXT? Äàííûé åíåîáõîäèìî âíîñèòü â

Code:

---

/etc/hosts

---

---

ãäå òî íàãóãëèëîñü... óæå óáðàë

Âîò ìîé config.inc.php äëÿ sqStat

PHP Code:

---

<?php
/* global settings */
$use_js=true; // use javascript for the HTML toolkits
// Maximum URL length to display in URI table column
DEFINE("SQSTAT_SHOWLEN",100);
/* proxy settings */
/* Squid proxy server ip address or host name */
$squidhost[0]="192.168.1.1";
#$squidhost[0]="127.0.0.1";
/* Squid proxy server port */
$squidport[0]=3128;
/* "cachemgr_passwd secret all" in squid.conf. Leave blank to disable authorisation */
$cachemgr_passwd[0]="secret";
/* Resolve user IP addresses or print them as numbers only [true|false] */
$resolveip[0]=true;
/*false; 
/* uncomment next line if you want to use hosts-like file. 
See hosts.txt.dist. */
// $hosts_file[0]="hosts.txt"
/* Group users by hostname - "host" or by User - "username". Username work only 
   with squid 2.6+ */ 
$group_by[0]="host";
/* you can specify more than one proxy in the configuration file, e.g.: */
// $squidhost[1]="192.168.0.2";
// $squidport[1]=3129;
// $cachemgr_passwd[1]="secret";
// $resolveip[1]=true; 
// $hosts_file[1]="otherhosts.txt"
?>

---

Òàêæå Ìû ÷èòàëè

Code:

---

/docs/README

---

Code:

---

  3. Edit your squid.conf to allow cachemgr protocol:

      acl manager proto cache_object
      # replace 10.0.0.1 with your webserver IP
      acl webserver src 192.168.1.1/255.255.255.255
      http_access allow manager webserver
      http_access deny manager

---

ïðàâà íà ïàïêè ñòîÿò Nobody... ×ÒÎ ÅÙÅ ÏÎÑÌÎÒÐÅÒÜ?

PS ïîïðîáîâàë âàø config.inc.php äëÿ sqStat -- ðåçóëüòàò òîò æå... 8(
Error (1): Cannot get data. Server answered: HTTP/1.0 401 Unauthorized

ñêîðåå âñåãî áàã ñ ïðàâàìè, íî ãäå?


ÇÛ2! ñíåñ ïàðîëè â config.inc.php è squid.conf è î ×ÓÄÎ!!! ÇÀÐÀÁÎÒÀËÎ!!!

Ñïàñèáî çà ïîìîùü!

Óñòàíîâèë squid. Â ëîãàõ ïðè çàïóñêå îøèáîê íåò.
îòêðûë ïîðò 3128 íà äîñòóï èçâíå.
 íàñòðîéêàõ áðàóçåðà âûñòàâèë ïàðàìåòðû proxy ñåðâåðà, óêàçàâ âíåøíèé ip-àäðåñ ðîóòåðà è ïîðò 3128.
Îäíàêî, èíòåðíåò íå ðàáîòàåò:(
Ìîæåò êòî îáúÿñíèòü êàê ïðîâåðèòü ôàêò òîãî, ÷òî çàïðîñû äî ìîåãî ðîóòåðà äîõîäÿò? ×òî-òî òèïà tcpdump íà ïîðòó èëè ÷òî-òî â ýòîì ðîäå.

Âîò èíôà èç cashe.log ïîñëå çàïóñêà squid.

2009/07/14 14:17:06| Starting Squid Cache version 2.6.STABLE21 for mipsel-unknown-linux-gnu...
2009/07/14 14:17:06| Process ID 1853
2009/07/14 14:17:06| With 256 file descriptors available
2009/07/14 14:17:06| Using poll for the IO loop
2009/07/14 14:17:06| Performing DNS Tests...
2009/07/14 14:17:06| Successful DNS name lookup tests...
2009/07/14 14:17:06| DNS Socket created at 0.0.0.0, port 1055, FD 6
2009/07/14 14:17:06| Adding nameserver 10.150.21.1 from /etc/resolv.conf
2009/07/14 14:17:06| Adding nameserver 85.21.49.2 from /etc/resolv.conf
2009/07/14 14:17:06| helperOpenServers: Starting 5 'ncsa_auth' processes
2009/07/14 14:17:06| Unlinkd pipe opened on FD 16
2009/07/14 14:17:06| Swap maxSize 20480 + 8192 KB, estimated 0 objects
2009/07/14 14:17:06| Target number of buckets: 110
2009/07/14 14:17:06| Using 8192 Store buckets
2009/07/14 14:17:06| Max Mem size: 8192 KB
2009/07/14 14:17:06| Max Swap size: 20480 KB
2009/07/14 14:17:06| Rebuilding storage in /opt/var/squid/cache (CLEAN)
2009/07/14 14:17:06| Using Least Load store dir selection
2009/07/14 14:17:06| Set Current Directory to /opt/var/squid/cache
2009/07/14 14:17:06| Loaded Icons.
2009/07/14 14:17:06| Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 18.
2009/07/14 14:17:06| Accepting ICP messages at 0.0.0.0, port 3130, FD 19.
2009/07/14 14:17:06| WCCP Disabled.
2009/07/14 14:17:06| Ready to serve requests.
2009/07/14 14:17:08| Done reading /opt/var/squid/cache swaplog (0 entries)
2009/07/14 14:17:08| Finished rebuilding storage from disk.
2009/07/14 14:17:08| 0 Entries scanned
2009/07/14 14:17:08| 0 Invalid entries.
2009/07/14 14:17:08| 0 With invalid flags.
2009/07/14 14:17:08| 0 Objects loaded.
2009/07/14 14:17:08| 0 Objects expired.
2009/07/14 14:17:08| 0 Objects cancelled.
2009/07/14 14:17:08| 0 Duplicate URLs purged.
2009/07/14 14:17:08| 0 Swapfile clashes avoided.
2009/07/14 14:17:08| Took 1.7 seconds ( 0.0 objects/sec).
2009/07/14 14:17:08| Beginning Validation Procedure
2009/07/14 14:17:08| Completed Validation Procedure
2009/07/14 14:17:08| Validated 0 Entries
2009/07/14 14:17:08| store_swap_size = 0k
2009/07/14 14:17:09| storeLateRelease: released 0 objects

Çàðàíåå áëàãîäàðþ.

Quote:

---

Originally Posted by __KiM__

Ìîæåò êòî îáúÿñíèòü êàê ïðîâåðèòü ôàêò òîãî, ÷òî çàïðîñû äî ìîåãî ðîóòåðà äîõîäÿò?

---

Ïîñìîòðåòü access.log?

Quote:

---

Originally Posted by AVoyager

Ïîñìîòðåòü access.log?

---

Òîëüêî îäíà çàïèñü
1247556104.295 23 60.190.97.142 TCP_DENIED/407 1618 GET http://www.yahoo.com/ - NONE/- text/html

×òî îíà çíà÷èò, ïîíÿòèÿ íå èìåþ.

Çíà÷èò, ÷òî êëèåíòó ñ àäðåñîì 60.190.97.142 áûë çàïðåù¸í äîñòóï ê http://www.yahoo.com/

 êîíôèãå ñêâèäà ðàçðåøåíèå âíåøíèì êëèåíòàì íà äîñòóï äàí?

Quote:

---

Originally Posted by AVoyager

Çíà÷èò, ÷òî êëèåíòó ñ àäðåñîì 60.190.97.142 áûë çàïðåù¸í äîñòóï ê http://www.yahoo.com/

 êîíôèãå ñêâèäà ðàçðåøåíèå âíåøíèì êëèåíòàì íà äîñòóï äàí?

---

Ïîäñêàæèòå, ïëç, ãäå ýòî ðàçðåøåíèå óñòàíàâëèâàåòñÿ.
È åùå ýòî íå ìîé âíåøíèé IP-ê, à ïî ìîèì ïîïûòêàì âîîáùå íèêàêèõ çàïèñåé íå ïðîèçâîäèòñÿ.

Quote:

---

Originally Posted by __KiM__

Ïîäñêàæèòå, ïëç, ãäå ýòî ðàçðåøåíèå óñòàíàâëèâàåòñÿ.
È åùå ýòî íå ìîé âíåøíèé IP-ê, à ïî ìîèì ïîïûòêàì âîîáùå íèêàêèõ çàïèñåé íå ïðîèçâîäèòñÿ.

---

Òû ýòî... Ñêèíü squid.conf è íàïèøè ÷òî íà âûõîäå íàäî. À òî ðàçðåøåíèé ìîæíî òàêèõ íàïèñàòü, ÷òî ïîòîì íå ðàñïëàòèøüñÿ åñëè òðàôèê ïîìåãàáàéòíî.

Quote:

---

Originally Posted by Azur4

Òû ýòî... Ñêèíü squid.conf è íàïèøè ÷òî íà âûõîäå íàäî. À òî ðàçðåøåíèé ìîæíî òàêèõ íàïèñàòü, ÷òî ïîòîì íå ðàñïëàòèøüñÿ åñëè òðàôèê ïîìåãàáàéòíî.

---

Íà âûõîäå íóæíà proxy äëÿ äîñòóïà ñ ðàáî÷åãî ìåñòà, â îáõîä ðàáîòîäàòåëÿ. Äëÿ îäíîãî ïîëüçîâàòåëÿ, ëó÷øå åñëè ñ ïàðîëåì.

ß áû ñ óäîâîëüñòâèåì âåñü êîíôèã ñêèíóë, òîëüêî òàì ðàñêîììåíòàðåííûå ñòðîêè ðàçðÿæåíû ïî âñåìó îãðîìíîìó êîíôèãó, áåç ñêðèïòà, âðó÷íóþ äîëãî ñîáèðàòü.
Ñêèíó òî, ÷òî îòíîñèòñÿ ê acl.
Êàê ÿ ïîíÿë èìåííî ýòè ñòðîêè ðåãóëèðóþò äîñòóï. Åñëè íóæíû çíà÷åíèÿ åùå êàêèõ ïàðàìåòðîâ, òî ìîãó ïðåäîñòàâèòü.

acl manager proto cache_object
acl MY proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow MY
http_access deny all
http_port 3128

È åùå âîïðîñ. ß íå ïîíÿë ãäå íóæíî çàäàâàòü ïàðîëü è çàäàåòñÿ ëè îí ãäå-ëèáî.

Èç ïðèâåäåííûõ ñòðîê âàæíû äâå:

acl MY proxy_auth REQUIRED
http_access allow MY

Íî, äëÿ àâòîðèçàöèè, íàäî åùå íåñêîëüêî:

auth_param basic program /opt/squid/bin/checkauth
auth_param basic children 1
auth_param basic credentialsttl 2 hours
authenticate_ttl 5 minutes

Ãäåcheckauth - ïðîãðàììà-àâòîðèçàòîð, êîòîðàÿ ïîëó÷àåò íà ñòàíäàðòíûé âõîä 2 ïàðàìåòðà (ëîãèí è ïàðîëü), ïðîâåðÿåò èõ è â ñòàíäàðòíûé âûõîä âûäàåò "OK\n" èëè "ERR\n". Íàïðèìåð ÷òî-òî òèïà ýòîãî (íà ïåðëå, ïåðåäåëêà íà äðóãîé ÿçûê - äîìàøíåå çàäàíèå):

PHP Code:

---

#!/opt/bin/perl

$|=1;
while(<>) {
   chomp;
   my(@A)=split;
   if ($A[0]=='ëîãèí' && $A[1]=='ïàðîëü') { print "OK\n"; }
   else { print "ERR\n"; }
} 


---

Ðàçóìååòñÿ, èìåíà/ïàðîëè ìîæíî õðàíèòü â ôàéëèêå, åãî ñ÷èòûâàòü è ïðîâåðÿòü ïî âñåìó ñïèñêó.

Quote:

---

Originally Posted by LOEDiver

Èç ïðèâåäåííûõ ñòðîê âàæíû äâå:

acl MY proxy_auth REQUIRED
http_access allow MY

Íî, äëÿ àâòîðèçàöèè, íàäî åùå íåñêîëüêî:

auth_param basic program /opt/squid/bin/checkauth
auth_param basic children 1
auth_param basic credentialsttl 2 hours
authenticate_ttl 5 minutes

Ãäåcheckauth - ïðîãðàììà-àâòîðèçàòîð, êîòîðàÿ ïîëó÷àåò íà ñòàíäàðòíûé âõîä 2 ïàðàìåòðà (ëîãèí è ïàðîëü), ïðîâåðÿåò èõ è â ñòàíäàðòíûé âûõîä âûäàåò "OK\n" èëè "ERR\n". Íàïðèìåð ÷òî-òî òèïà ýòîãî (íà ïåðëå, ïåðåäåëêà íà äðóãîé ÿçûê - äîìàøíåå çàäàíèå):

PHP Code:

---

#!/opt/bin/perl

$|=1;
while(<>) {
   chomp;
   my(@A)=split;
   if ($A[0]=='ëîãèí' && $A[1]=='ïàðîëü') { print "OK\n"; }
   else { print "ERR\n"; }
} 


---

Ðàçóìååòñÿ, èìåíà/ïàðîëè ìîæíî õðàíèòü â ôàéëèêå, åãî ñ÷èòûâàòü è ïðîâåðÿòü ïî âñåìó ñïèñêó.

---

Ñåé÷àñ ó ìåíÿ ñëåäóþùèå íàñòðîéêè â êîíôèãå.

# If you want to use the traditional proxy authentication, jump over to
# the helpers/basic_auth/NCSA directory and type:
# % make
# % make install
#
# Then, set this line to something like
#
auth_param basic program /opt/libexec/ncsa_auth /opt/share/passwords/users

Íóæíî ëè ìåíÿòü ïðîãðàììû àâòîðèçàöèè?
È ÷òî ýòî çà äèððåêòîðèÿ è êàêîé ó íåå àáñîëþòíûé ïóòü?
helpers/basic_auth/NCSA
â êîòîðîé ìåíÿ ïðîñÿò âûïîëíèòü êîìàíäû %make %make install

 cashe.log ïðè ñòàðòå âèæó ñëåäóþùóþ çàïèñü
helperOpenServers: Starting 5 'ncsa_auth' processes
Ò.å. ïðîöåññ êîòîðûé îòâå÷àåò çà àâòîðèçàöèþ çàïóùåí?

Ñêàæåì òàê, ñòàíäàðòíî ñî ñêâèäîì èäåò èìåííî ncsa_auth, ïàðàìåòðîì çàäàåòñÿ ôàéë, â êîòîðîì õðàíÿòñÿ ëîãèíû è ïàðîëè â âèäå:
login:crypt_password
ãäå crypt_password - øèôðîâàííûé ïàðîëü ïî ñòàíäàðòíîìó àëãîðèòìó crypt

Åñëè â ëîãå ïèøåòñÿ î çàïóñêå ncsa_auth, òî àâòîðèçàòîð ðàáîòàåò è â óêàçàííûé ôàéëèê íàäî ïîìåñòèòü íóæíûå ëîãèíû-ïàðîëè.

Íàïðèìåð, ïàðîëþ 12345678 áóäåò ñîîòâåòñòâîâàòü ñòðîêà uhlrca4vneO7E

ß æå ïðèâåë ïðèìåð âîîáùå ïðîèçâîëüíîé ïðîãðàììû ïðîâåðêè ëîãèíà-ïàðîëÿ, áåç ïðèâÿçêè ê ncsa_auth, ïîñêîëüêó ýòó ïðîâåðêó ìîæíî âûïîëíèòü ìíîãèìè ðàçíûìè ñïîñîáàìè. Âïëîòü äî ïðèâÿçêè ê nvram.

Quote:

---

Originally Posted by LOEDiver

Ñêàæåì òàê, ñòàíäàðòíî ñî ñêâèäîì èäåò èìåííî ncsa_auth, ïàðàìåòðîì çàäàåòñÿ ôàéë, â êîòîðîì õðàíÿòñÿ ëîãèíû è ïàðîëè â âèäå:
login:crypt_password
ãäå crypt_password - øèôðîâàííûé ïàðîëü ïî ñòàíäàðòíîìó àëãîðèòìó crypt

Åñëè â ëîãå ïèøåòñÿ î çàïóñêå ncsa_auth, òî àâòîðèçàòîð ðàáîòàåò è â óêàçàííûé ôàéëèê íàäî ïîìåñòèòü íóæíûå ëîãèíû-ïàðîëè.

Íàïðèìåð, ïàðîëþ 12345678 áóäåò ñîîòâåòñòâîâàòü ñòðîêà uhlrca4vneO7E.

---

Êàêàìè óòèëèòàìè ÿ ìîãó ïðîèçâåñòè ãåíåðàöèþ ïàðîëÿ?
Óòèëèòû htpasswd ÿ íàéòè íå ñìîã :(.
Ìîæåò ïîìîæåò ãåíåðàöèÿ ïàðîëÿ óòèëèòîé passwd è êîïèðîâàíèå ñîîòâåòñòâóþùåé ñòðî÷êè èç /etc/passwd çíà÷åíèé ëîãèíà è ïàðîëÿ?

Quote:

---

Originally Posted by __KiM__

Ìîæåò ïîìîæåò ãåíåðàöèÿ ïàðîëÿ óòèëèòîé passwd è êîïèðîâàíèå ñîîòâåòñòâóþùåé ñòðî÷êè èç /etc/passwd çíà÷åíèé ëîãèíà è ïàðîëÿ?

---

passwd ãåíåðèðóåò ñòðîêó äðóãèì ìåòîäîì. Ïîïðîáîâàòü ìîæíî (âçÿâ âñå, ÷òî ìåæäó äâîåòî÷èÿìè, âòîðîå ïîëå), íî ãàðàíòèè íåò.

Åñëè ñòîèò perl, ìîæíî òàê:

Code:

---

perl -e 'print crypt("12345678","az"),"\n";'

---

ãäå 12345678 - ñàì ïàðîëü, az - äâà ïðîèçâîëüíûõ ñèìâîëà.

banners è ôàéë èñêëþ÷åíèé
ïðè èñïîëüçîâàíèè redirector.sh
Êàêîé ôîðìàò ôàéëîâ è ñòðóêòóðà , ÷òî á ñâîé ñäåëàòü?

Ïåðåâûëîæèòå ïëèç ñáîðî÷êó! Íà ðàïèäå äîëãî íå îòëåæàëà.

Õî÷åòñÿ delay_pools ïîþçàòü è áåç êåøà òîæå îòëè÷íî.

Ñêîìïèëèë, âûëîæèë.

ñïàñèáî.
íàñòðîèë îäíî âåäðî ïåðâîãî êëàññà, âñ¸ îòëè÷íî ðàáîòàåò.

Ïðèâåò Âñåì,

íè÷åãî íå ïîíèìàþ ïîñëå óñòàíîâêè ïàêåòà âûëîæåííîãî â äàííîé òåìå delay_pools íå ïîÿâèëñÿ:

Squid Cache: Version 2.7.STABLE6
configure options: '--build=i386-pc-linux-gnu' '--host=mipsel-linux' '--target=mipsel-linux' '--prefix=/opt' '--bindir=/opt/bin' '--sbindir=/opt/sbin' '--libexecdir=/opt/libexec' '--datadir=/opt/share/squid' '--sysconfdir=/opt/etc/squid' '--sharedstatedir=/opt/com/squid' '--localstatedir=/opt/var/squid' '--libdir=/opt/lib' '--includedir=/opt/include' '--oldincludedir=/opt/include' '--infodir=/opt/info' '--mandir=/opt/man' '--disable-epoll' '--enable-basic-auth-helpers=NCSA' '--disable-nls' 'build_alias=i386-pc-linux-gnu' 'host_alias=mipsel-linux' 'target_alias=mipsel-linux' 'CC=/home/optware/oleg/toolchain/mipsel-linux-uclibc/gcc-4.1.1-uclibc-0.9.28/bin/mipsel-linux-uclibc-gcc' 'LDFLAGS= -L/home/optware/oleg/staging/opt/lib -Wl,-rpath,/opt/lib -Wl,-rpath-link,/home/optware/oleg/staging/opt/lib ' 'CPPFLAGS=-O2 -pipe -I/home/optware/oleg/staging/opt/include ' 'CPP=/home/optware/oleg/toolchain/mipsel-linux-uclibc/gcc-4.1.1-uclibc-0.9.28/bin/mipsel-linux-uclibc-gcc -E'


PS: PLZ, ïîäåëèòåñü squid, ñîáðàííûì, ñ ïîääåðæêîé delay_pools

--

Quote:

---

Originally Posted by doff

ñïàñèáî.
íàñòðîèë îäíî âåäðî ïåðâîãî êëàññà, âñ¸ îòëè÷íî ðàáîòàåò.

---