From: Igo <altlinux@aaanet.ru> To: ALT Linux Community <community@lists.altlinux.org> Subject: [Comm] squid & icq Date: Mon, 25 Sep 2006 13:29:55 +0400 Message-ID: <4517A193.1050204@aaanet.ru> (raw) всем привет хочется сделать прозрачный прокси для ICQ в iptables есть строка [0:0] -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp --dport 5190 -j REDIRECT --to-ports 3128 [0:0] -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -m tcp --dport 5190 -j ACCEPT [0:0] -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -m tcp --sport 5190 -j ACCEPT вот конфиг squid [root@cerber squid]# cat squid.conf acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY ftp_user anonymous #debug_options auth_param,9 auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 10 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 10 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 external_acl_type AD_global_group %LOGIN /usr/lib/squid/wbinfo_group.pl acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl HTTP_Common external AD_global_group http acl to_localhost dst 127.0.0.0/8 acl Safe_ports port 80 8080 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 5190 # https, snews acl CONNECT method CONNECT http_access allow HTTP_Common Safe_ports http_access allow manager localhost http_access deny manager http_access allow localhost http_access deny all http_reply_access allow all error_directory /usr/share/squid/errors/Russian-1251 в логах сквида 1159175889.327 0 192.168.0.57 TCP_DENIED/400 1627 NONE error:unsupported-request-method - NONE/- text/html Порт 5190 в сквиде наверно как-то надо перенаправить на https (этот протокол squid понимает) или есть какойнибудь модуль к squid кот. знает протокол 5190 ?
next reply other threads:[~2006-09-25 9:29 UTC|newest] Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top 2006-09-25 9:29 Igo [this message] 2006-09-25 10:03 ` Шенцев Алексей Владимирович 2006-09-25 13:01 ` Aleksander N. Gorohovski 2006-10-03 12:02 ` Alexey Morsov 2006-10-03 13:45 ` Igor Zubkov 2006-10-06 6:55 ` Alexey Morsov 2006-10-03 16:07 ` Aleksander N.Gorohovski 2006-09-26 8:20 ` Igo 2006-09-26 9:09 ` Alex Gorbachenko 2006-09-26 9:12 ` Шенцев Алексей Владимирович 2006-09-26 9:16 ` Michael Shigorin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=4517A193.1050204@aaanet.ru \ --to=altlinux@aaanet.ru \ --cc=community@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Community general discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 community community/ http://lore.altlinux.org/community \ mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com public-inbox-index community Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.community AGPL code for this site: git clone https://public-inbox.org/public-inbox.git