[PLUTO-help] squid trasparente

ivan re re.ivan a gmail.com
Mar 21 Nov 2006 17:00:38 CET 

Ho una piccola rete con 1 server linux (usato come PDC samba 3.0.2) e
10 pc (Wiin 9x,2k) nella quale vorrei configurare squid 2.5 come proxy
trasparente

Ho modificato squid.conf come segue:

 http_port 192.168.1.254:3128
 http_port 127.0.0.1:3128

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Inoltre vorrei avere una politica di autenticazione in modo tale che
gli utenti del dominio possano accedere ad internet mentre agli altri
venga richiesta la password

auth_param ntlm program /usr/lib/squid/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 15 minutes
auth_param ntlm use_ntlm_negotiate on
auth_param basic program /usr/lib/squid/ntlm_auth
--helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

#ACL per auth
acl squid_access proxy_auth REQUIRED
http_access allow squid_access

Ho configurato iptables come segue:

$IPTABLES  -A INPUT             -p tcp    --dport 3128     -j ACCEPT
#squid
$IPTABLES -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j REDIRECT
--to-port 3128     #eth2 --> didattica

Lanciando squid ottengo però un errore:

]# squid -N -d1
2006/11/21 15:59:36| Starting Squid Cache version 2.5.STABLE14 for
i686-redhat-linux-gnu...
2006/11/21 15:59:36| Process ID 5631
2006/11/21 15:59:36| With 1024 file descriptors available
2006/11/21 15:59:36| Performing DNS Tests...
2006/11/21 15:59:36| Successful DNS name lookup tests...
2006/11/21 15:59:36| DNS Socket created at 0.0.0.0, port 32945, FD 4
2006/11/21 15:59:36| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2006/11/21 15:59:36| Adding nameserver 192.168.1.254 from
/etc/resolv.conf
2006/11/21 15:59:36| helperStatefulOpenServers: Starting 5 'ntlm_auth'
processes
2006/11/21 15:59:36| WARNING: Cannot run '/usr/lib/squid/ntlm_auth'
process.

Perchè il warning????

grazie
wIke

More information about the pluto-help mailing list