olha o request_header_max_size 2007/1/8, luciof_oliveira <[EMAIL PROTECTED]>:
Olá a todos!!! Estou com problemas no meu SQUID quando acesso uma pagina de WEBMAIL e tento anexar um arquivo com mais de 80KB dá a msg de erro no Browser do usuário "Read Error" e "Connection reset by peer" no access.log dá a msg "1168297024.422 41558 10.32.3.152 TCP_MISS/502 1372 POST http://mail5.uol.com.br/cgi-bin/webmail.exe ipoderoso DIRECT/200.221.4.88 text/html", o SQUID está configurado para fazer autenticação com o Dominio em AD. Já tentei configurar o squid.conf com o parametro "request_body_max_size 10 MB", mas não deu certo. Alguém tem uma luz ??? Segue abaixo a configuração do SQUID. ############################ squid.conf ############################# http_port 8080 icp_port 3130 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 750 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 8192 KB maximum_object_size_in_memory 256 KB ipcache_size 1024 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 cache_dir ufs /etc/squid/cache 5000 16 256 cache_log /var/log/squid/cache.log dns_nameservers 10.32.1.38 10.32.1.5 access_log /var/log/squid/access.log # Autenticacao no AD auth_param ntlm program /usr/bin/ntlm_auth sbt/sbta1201 --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 15 auth_param basic program /usr/bin/ntlm_auth sbt\sbta1201 --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm SBTPROXY02 auth_param basic credentialsttl 2 hours auth_param basic casesensitive off authenticate_cache_garbage_interval 10 seconds authenticate_ttl 0 seconds external_acl_type NT_global_group children=10 %LOGIN /usr/lib/squid/wbinfo_group.pl request_body_max_size 10 MB mime_table /etc/squid/mime.conf refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 #ACL AD acl InternetNivel1 external NT_global_group Internet_Nivel1 acl InternetNivel2 external NT_global_group Internet_Nivel2 acl InternetNivel3 external NT_global_group Internet_Nivel3 acl InternetNivel4 external NT_global_group Internet_Nivel4 acl InternetNivel0 external NT_global_group Internet_Nivel0 acl teste external NT_global_group teste # acl rede_sbt src 10.32.0.0/16 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl auth proxy_auth REQUIRED http_reply_access allow all acl SSL_ports port 443 563 9141 acl Safe_ports port 80 # http acl Safe_ports port 21 #ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 7070 #Real Audio acl Safe_ports port 554 #RTSP acl Safe_ports port 7071 #sbt real audio acl Safe_ports port 7073 #sbt real player acl Safe_ports port 1755 #netshow acl Safe_ports port 5443 #ssl uol acl Safe_ports port 23 #telnet acl Safe_ports port 1043 #midia player acl Safe_ports port 143 #imap acl Safe_ports port 9380 # acl Safe_ports port 1626 # acl Safe_ports port 3000 # acl Safe_ports port 17 #backweb acl Safe_ports port 1521 #oracle-sql acl Safe_ports port 22 #ssh acl Safe_ports port 1433 #mssql acl Safe_ports port 7003 # acl Safe_ports port 1000 # acl Safe_ports port 8383 # acl pop_port port 110 #pop3 acl smtp_port port 25 #smtp acl msn_port port 1863 #MSN Messenger acl CONNECT method CONNECT acl malware_block_list url_regex -i "/etc/squid/malware_block_list.txt" acl msn url_regex -i /gateway/gateway.dll acl Nivel4 url_regex -i "/etc/squid/Nivel4" acl Nivel3 url_regex -i "/etc/squid/Nivel3" acl Nivel2 url_regex -i "/etc/squid/Nivel2" acl Nivel1 url_regex -i "/etc/squid/Nivel1" acl liberados url_regex -i "/etc/squid/liberados" acl WLN1 url_regex -i "/etc/squid/WLNivel1" acl WLN2 url_regex -i "/etc/squid/WLNivel2" acl bloquear_extensoes urlpath_regex -i .com$ .exe$ .scr$ .mp3$ .mpeg$ .wma$ .wmv$.mpg$ .avi$ .pif$ #########Liberacoes/Bloqueios######### http_access deny malware_block_list deny_info http://malware.hiperlinks.com.br/denied.shtml malware_block_list http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow liberados http_access allow teste ########### Nivel 4 ##### http_access deny Nivel4 http_access allow InternetNivel4 ########### Nivel 3 ##### http_access deny Nivel3 http_access allow InternetNivel3 ########## Nivel 2 #### http_access allow WLN2 http_access deny Nivel2 http_access deny bloquear_extensoes http_access allow InternetNivel2 ######Bloquear MSN####### http_access deny msn_port http_access deny msn ######################## ######### Nivel 1 ##### http_access allow WLN1 http_access deny Nivel1 http_access allow InternetNivel1 ######## Nivel 0 ##### http_access deny InternetNivel0 http_access allow manager localhost http_access deny manager http_access deny all icp_access allow all http_access allow auth cache_effective_user squid cache_effective_group squid cache_mgr suporte error_directory /usr/share/squid/errors/Portuguese visible_hostname sbtproxy02.sbt.com.br acl local-servers dstdomain sbt.com.br always_direct allow local-servers coredump_dir /var/spool/squid ################################################################### Desde já agradeço a colaboração.
-- Rafael Brito Gomes Sistema de Informação Universidade de Salvador (UNIFACS) Linux User - 430086 O Tabareu - A Arte em sua forma mais Pura! http://tabareu.wordpress.com/ Blog do Sinot http://sinot.wordpress.com/
