hab mal wieder nen dickes prop mit meinem squid . Ich habe das viralator script installiert um meine downloads per clamd nach viren scannen zu können. Der Squid lauft bei uns transparent gibt alles an den squidguard weiter und der entscheidet an einer regex table ob das file zu viralator script geforwardet soll.
Das Problem das sich jetzt auftut ist das der squid mir immer seine proxy ip mitgibt d.h
das virilator script erhaltet:
Code: Alles auswählen
192.168.0.99 - - [19/Mar/2007:13:40:33 +0100] "GET /cgi-bin/viralator.cgi?url=http://download.winzip.com/german/wz110gev.exe HTTP/1.0" 200 1272 "http://www.winzip.de/downautowz.htm" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2) Gecko/20060601 Firefox/2.0.0.2 (Ubuntu-edgy)"
192.168.0.99 - - [19/Mar/2007:13:40:35 +0100] "GET /cgi-bin/viralator.cgi?url=http://192.168.0.99/cgi-bin/viralator.cgi?action=popup&fileurl=http://download.winzip.com/german/wz110gev.exe HTTP/1.0" 200 1235 "http://download.winzip.com/german/wz110gev.exe" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2) Gecko/20060601 Firefox/2.0.0.2 (Ubuntu-edgy)"
192.168.0.99 - - [19/Mar/2007:13:40:37 +0100] "GET /cgi-bin/viralator.cgi?action=errpop HTTP/1.0" 200 897 "http://192.168.0.99/cgi-bin/viralator.cgi?action=popup&fileurl=http://download.winzip.com/german/wz110gev.exe" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2) Gecko/20060601 Firefox/2.0.0.2 (Ubuntu-edgy)"
hier meine squid.conf
Code: Alles auswählen
http_port 192.168.0.99:3128
cache_mem 1024 MB
maximum_object_size 32768 KB
maximum_object_size_in_memory 8192 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
cache_dir ufs /var/spool/squid 5000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
hosts_file /etc/hosts
icp_port 0
#hierarchy_stoplist cgi-bin ?
#acl QUERY urlpath_regex cgi-bin \?
#no_cache deny QUERY
redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
redirect_children 10
#redirect_rewrites_host_header on
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
refresh_pattern \.gif$ 10080 100% 43200 override-expire
refresh_pattern \.jpg$ 10080 100% 43200 override-expire
refresh_pattern . 960 90% 43200 reload-into-ims
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl network src 192.168.0.0/255.255.255.0
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
redirector_access deny localhost
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow network
http_access deny to_localhost
http_access allow localhost
always_direct allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
forwarded_for off
#cache_peer 127.0.0.1 parent 8118 7 no-digest no-query
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
coredump_dir /var/spool/squid
#redirector_bypass on
oder mindestens so einstellen das das virilator script das file so downloadet ohne den proxy zu benutzen
wenn ich das file manuell im browser eingebe
Code: Alles auswählen
http://192.168.0.99/cgi-bin/viralator.cgi?url=http://download.winzip.com/german/wz110gev.exe