From: Igo <altlinux@aaanet.ru>
To: ALT Linux Community <community@lists.altlinux.org>
Subject: [Comm] squid & icq
Date: Mon, 25 Sep 2006 13:29:55 +0400
Message-ID: <4517A193.1050204@aaanet.ru> (raw)
всем привет
хочется сделать прозрачный прокси для ICQ
в iptables есть строка
[0:0] -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport
5190 -j REDIRECT --to-ports 3128
[0:0] -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -m tcp
--dport 5190 -j ACCEPT
[0:0] -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -m tcp
--sport 5190 -j ACCEPT
вот конфиг squid
[root@cerber squid]# cat squid.conf
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
ftp_user anonymous
#debug_options auth_param,9
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 10
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param basic program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 10
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
external_acl_type AD_global_group %LOGIN /usr/lib/squid/wbinfo_group.pl
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl HTTP_Common external AD_global_group http
acl to_localhost dst 127.0.0.0/8
acl Safe_ports port 80 8080 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 5190 # https, snews
acl CONNECT method CONNECT
http_access allow HTTP_Common Safe_ports
http_access allow manager localhost
http_access deny manager
http_access allow localhost
http_access deny all
http_reply_access allow all
error_directory /usr/share/squid/errors/Russian-1251
в логах сквида
1159175889.327 0 192.168.0.57 TCP_DENIED/400 1627 NONE
error:unsupported-request-method - NONE/- text/html
Порт 5190 в сквиде наверно как-то надо перенаправить на https (этот
протокол squid понимает)
или есть какойнибудь модуль к squid кот. знает протокол 5190
?
next reply other threads:[~2006-09-25 9:29 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-09-25 9:29 Igo [this message]
2006-09-25 10:03 ` Шенцев Алексей Владимирович
2006-09-25 13:01 ` Aleksander N. Gorohovski
2006-10-03 12:02 ` Alexey Morsov
2006-10-03 13:45 ` Igor Zubkov
2006-10-06 6:55 ` Alexey Morsov
2006-10-03 16:07 ` Aleksander N.Gorohovski
2006-09-26 8:20 ` Igo
2006-09-26 9:09 ` Alex Gorbachenko
2006-09-26 9:12 ` Шенцев Алексей Владимирович
2006-09-26 9:16 ` Michael Shigorin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4517A193.1050204@aaanet.ru \
--to=altlinux@aaanet.ru \
--cc=community@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git