由 xagcf 在 11-06-2003 08:03 发表:

关于squid透明代理问题！！！出现出错信息但不知何解！！

我是新手想请教！！我学习linuxfans里gugong兄的做法做了squid透明代理，但是我不明白，为什么我一运行就出现下面的信息！！

ERROR

The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: http://www.linuxsir.org/postnuke/index.php

The following error was encountered:

Access Denied.

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

Your cache administrator is [email protected] .

出现以上信息！！我想应该是时间的限制问题，但是我不明白allow_domain里边究竟要填些什么？？这个域应该怎样去定义？是否就是windows里的域？？

还有下面的no_allow_time_0_1这些文件又是填些什么呢？？请给小弟详细一些的指导，最好就是把各个用途说清楚。

还有一个问题就是如果我想过滤一些网页与关键字，语法又是怎样呢？？

还是请多多指点！！

--------------------------------------------------------------------------------

/etc/squid/squid.conf 文件

http_port 3128

http_port 10.3.2.129:8080

hierarchy_stoplist cgi-bin ?

acl QUERY urlpath_regex cgi-bin ?

no_cache deny QUERY

cache_mem 8 MB

cache_mem 48 MB

emulate_httpd_log off

============================================================================

emulate_httpd_log on

============================================================================

redirect_rewrites_host_header on

============================================================================

redirect_rewrites_host_header off

============================================================================

#Recommended minimum configuration:

acl all src 0.0.0.0/0.0.0.0

acl manager proto cache_object

acl localhost src 127.0.0.1/255.255.255.255

acl SSL_ports port 443 563

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 563 # https, snews

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

acl CONNECT method CONNECT

============================================================================

acl allow_domain dstdomain "/etc/squid/allow_domain"

下面是只允许每天上三个小时的：

acl no_allow_time_0_1 time "/etc/squid/no_allow_time_0_1"

acl no_allow_time_0_2 time "/etc/squid/no_allow_time_0_2"

acl no_allow_time_0_3 time "/etc/squid/no_allow_time_0_3"

acl no_allow_time_0_4 time "/etc/squid/no_allow_time_0_4"

acl no_allow_time_0_5 time "/etc/squid/no_allow_time_0_5"

完

下面是只允许每天上八个小时的：

acl no_allow_time_1_1 time "/etc/squid/no_allow_time_1_1"

acl no_allow_time_1_2 time "/etc/squid/no_allow_time_1_2"

acl no_allow_time_1_3 time "/etc/squid/no_allow_time_1_3"

acl no_allow_time_1_4 time "/etc/squid/no_allow_time_1_4"

acl no_allow_time_1_5 time "/etc/squid/no_allow_time_1_5"

完

acl no_allow_web dst "/etc/squid/no_allow_web"

acl no_allow_domain dstdomain "/etc/squid/no_allow_domain"

acl no_allow_client src "/etc/squid/no_allow_client"

#acl allow_time time "/etc/squid/allow_time"

acl allow_client_inf src "/etc/squid/allow_client_inf"

acl allow_client_fore src "/etc/squid/allow_client_fore"

acl allow_client_8h src "/etc/squid/allow_client_8h"

acl allow_client_3h src "/etc/squid/allow_client_3h"

acl Uncachable url_regex cgi ?

Only allow cachemgr access from localhost

http_access allow manager localhost

http_access deny manager

============================================================================

Deny requests to unknown ports

http_access deny !Safe_ports

============================================================================

no_cache deny Uncachable

http_access allow allow_domain

http_access allow allow_client_inf

http_access deny no_allow_web

http_access deny no_allow_domain

http_access deny no_allow_client

http_access allow allow_client_fore

下面是只允许每天上八个小时的：

http_access deny no_allow_time_1_1 allow_client_8h

http_access deny no_allow_time_1_2 allow_client_8h

http_access deny no_allow_time_1_3 allow_client_8h

http_access deny no_allow_time_1_4 allow_client_8h

http_access deny no_allow_time_1_5 allow_client_8h

http_access allow allow_client_8h

完

下面是只允许每天上三个小时的：

http_access deny no_allow_time_0_1 allow_client_3h

http_access deny no_allow_time_0_2 allow_client_3h

http_access deny no_allow_time_0_3 allow_client_3h

http_access deny no_allow_time_0_4 allow_client_3h

http_access deny no_allow_time_0_5 allow_client_3h

http_access allow allow_client_3h

完

#http_access deny no_allow_time

============================================================================

Deny CONNECT to other than SSL ports

http_access deny CONNECT !SSL_ports

INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS

And finally deny all other access to this proxy

http_access allow localhost

http_access deny all

#Allow ICP queries from eveyone

icp_access allow all

cache_mgr [email protected]

httpd_accel_port 80

+++++++++++++++++++++++++++++++++++ 古公 ++++++++++++透明代理的设定+++++++++

httpd_accel_host virtual

#httpd_accel_port 80

+++++++++++++++++++++++++++++++++++ 古公 ++++++++++++透明代理的设定+++++++++

httpd_accel_with_proxy on

+++++++++++++++++++++++++++++++++++ 古公 ++++++++++++透明代理的设定+++++++++

httpd_accel_with_proxy