Forum Debian Users Gang

woitekd · 2012-04-25 00:10:47

Witam wszystkich :)

Mam dziwny problem ze squidem i htb, chodzi o to że jeżeli w przegladarce wpisze sobie w ustawieniach proxy to htb nic nie ogranicza trafień ze squida a jak mam transparentne to htb tnie też squida

Oto konfiguracja squida, squid jest w wersji 3.1.18:

Kod:

http_port 8080 transparent
cache_dir aufs /mnt/sdb1/squid 10000 16 256
cache_mem 180 MB
maximum_object_size 250 MB
visible_hostname bogu
minimum_object_size 2 KB
maximum_object_size_in_memory 512 KB
cache_swap_low 90
cache_swap_high 95
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
access_log /dev/null
#cache_log none
ident_timeout 2 seconds
#access_log /mnt/sdb1/squid/access_log
#cache_log /mnt/sdb1/squid/cache_log
qos_flows local-hit=0xff
error_directory /usr/share/squid3/errors/pl-pl
#acl
client_netmask 255.255.255.128
acl blokada src 10.0.0.0/24
acl siec-lan src 192.168.1.0/25
acl localhost src 127.0.0.1/32
acl SSL_ports port 443
acl magic_words1 url_regex -i 192.168
acl magic_words2 url_regex -i .exe .msi .7z .mp3 .rar .avi .mpeg .mpe .wav .zip .rmvb .iso
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
delay_class 2 2
delay_parameters 2 5000/150000 5000/150000
delay_access 2 allow magic_words2
http_access deny blokada
http_access allow siec-lan
http_access allow localhost
http_access allow SSL_ports
cache deny no-cache
# user i grupa dla squida
cache_effective_user proxy
cache_effective_group proxy
# lepsza wspolpraca z dns
dns_defnames on
#dns_nameservers 194.204.152.34
dns_nameservers 192.168.1.126
#coĹ› tam z ip 
ipcache_size 10240 
ipcache_low 90 
ipcache_size 97
half_closed_clients off

refresh_pattern -i \.(gif|tif|tiff|bmp|jpg|jpeg|png|ico) 1440 50% 10080
#odswiezanie dla obrazkow
refresh_pattern -i \.(wav|mp3|mp2|wmp|mid) 10080 50%  20160
#odswiezanie dokumentow
refresh_pattern -i \.(txt|pdf|doc|xls|docx|odf|ppt|pptx) 4320 50%  10080
#odswiezanie statycznych elementow stron
refresh_pattern -i \.(css|html|htm) 2880 50% 43200
#odswiezanie filmow
refresh_pattern -i \.(flv|swf|mp4|wmv|) 10080 70% 43200
# update
refresh_pattern windowsupdate.com/.*\.(cab|exe|dll) 43200 100% 43200
refresh_pattern download.microsoft.com/.*\.(cab|exe|dll) 43200 100% 43200
refresh_pattern windowsupdate.com/.*\.(cab|exe) 43200 100% 43200
refresh_pattern download.microsoft.com/.*\.(cab|exe) 43200 100% 43200
refresh_pattern eset.com/.*\.(ver|unp|nup) 43200 100% 43200
refresh_pattern avast.com/.*\.(vpu|vpaa) 43200 100% 43200

htb:

Kod:

#!/bin/bash
set -x
tc qdisc del dev eth1 root handle 1:0 htb
tc qdisc add dev eth1 root handle 1:0 htb

tc class add dev eth1 parent 1:0 classid 1:1 htb rate 99mbit ceil 100mbit quantum 768

tc class add dev eth1 parent 1:1 classid 1:2 htb rate 1840kbit ceil 2000kbit quantum 768
tc class add dev eth1 parent 1:1 classid 1:3 htb rate 90000kbit ceil 91000kbit quantum 768

tc filter add dev eth1 protocol ip preference 1 parent 1:0 u32 match ip src 192.168.1.126  flowid 1:3
tc filter add dev eth1 protocol ip preference 2 parent 1:0 u32 match ip dst 192.168.1.126 flowid 1:3
tc filter add dev eth1 protocol ip preference 3 parent 1:0 handle 0xff fw flowid 1:3 
tc filter add dev eth1 protocol ip preference 4 parent 1:0 u32 match ip dst 192.168.1.0/25 flowid 1:2

tc qdisc add dev eth1 parent 1:3 handle 3:0 sfq perturb 10
tc qdisc add dev eth1 parent 1:2 handle 4:0 sfq perturb 10
# ograniczanie uploadu
tc qdisc del dev eth0 root handle 10:0 htb
tc qdisc add dev eth0 root handle 10:0 htb

tc class add dev eth0 parent 10:0 classid 10:1 htb rate 260kbit ceil 270kbit quantum 768

tc filter add dev eth0 protocol ip parent 10:0 u32 match ip src 83.13.177.130 flowid 10:1 

tc qdisc add dev eth0 parent 10:1 handle 20:0 sfq perturb 10

Czy ktoś może mi wytłumaczyć o co chodzi, i pomóc?

Forum Debian Users Gang

Ogłoszenie

#1 2012-04-25 00:10:47

woitekd - Użytkownik

Squid dziwnie ograniczany przez htb

Kod:

Kod:

Stopka forum