Olá pessoal.
Preciso da ajudas dos gurus do Linux.
Temos um proxy Ubuntu 12.04.3 LTS (GNU/Linux 3.5.0-40-generic x86_64), Squid 3.1.19, Samba 4.0.0alpha18 e Sarg-2.3.2
Quando gero o relatório do SARG, ele só mostra o IP e não mostra o usuário.
Ao acessar o log, todos os registros estão com " - ".
Outro lance esquisito é que o SquidGuard está funcionando, mas não reconhece os usuários da lista, ou seja, todos entram na regra "default"
meu squid.conf
http_port 3128
visible_hostname yanomami.meudominio.com
#acl manager url_regex -i ^cache_object:// +i ^https?://[^/]+/squid-internal-mgr/
dns_nameservers 192.168.10.1 8.8.8.8
### LOGs & CACHE ###
cache_mem 2048 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size_in_memory 20480 KB
cache_dir ufs /var/spool/squid3 20000 16 256
access_log /var/log/squid3/access.log squid
cache_log /var/log/squid3/cache.log
cache_store_log /var/log/squid3/store.log
pid_filename /var/log/squid3/squid3.pid
mime_table /usr/share/squid3/mime.conf
hosts_file /etc/hosts
memory_pools off
### REFRESH ###
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
quick_abort_max 16 KB
quick_abort_pct 95
quick_abort_min 16 KB
request_header_max_size 20 KB
reply_header_max_size 20 KB
request_body_max_size 0 KB
#### AUTENTICACAO NO AD ###
auth_param ntlm program /usr/bin/ntlm_auth --diagnostics --helper-protocol=squid-2.5-ntlmssp --domain=MEUDOMINIO.COM
auth_param ntlm children 10
auth_param ntlm keep_alive off
auth_param basic program /usr/lib/squid3/squid_ldap_auth -v 3 -b "dc=meudominio,dc=com" -D uid=srv-linux,ou=Users,dc=targetamericas,dc=com -w minhasenha -f uid=%s karajas.meudominio.com
auth_param basic children 5
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute
#### FIM AUTENTICACAO NO AD ###
#### ACLs ####
acl Java browser Java/1.4 Java/1.5 Java/1.6
http_access allow Java
acl CONNECT method CONNECT
#### Libera somente as portas cadastradas
acl SSL_ports port 443 563 10000 7071 587 12321 12322 12323 30443
acl Safe_ports port 21 22 25 80 110 143 443 500 993 995 8080 8081 10000 7071 587 12321 12322 12323 30443
http_access deny CONNECT !SSL_ports
http_access deny !Safe_ports
acl localhost src 127.0.0.1/32 ::1
#### caminho do arquivo com as extençoes para bloqueio
acl badfiles urlpath_regex -i "/etc/squid3/acls/downloads"
http_access deny badfiles
#### Bloqueia Streaming #####
acl streaming req_mime_type "/etc/squid3/acls/streaming"
acl proibir_musica urlpath_regex -i \.aif$ \.aifc$ \.aiff$ \.asf$ \.asx$ \.avi$ \.au$ \.m3u$ \.med$ \.mp3$ \.m1v$ \.mp2$ \.mp2v$ \.mpa$ \.mov$ \.mpe$ \.mpg$ \.mpeg$ \.ogg$ \.pls$ \.ram$ \.ra$ \.ram$ \.snd$ \.wma$ \.wmv$ \.wvx$ \.mid$ \.midi$ \.rmi$
http_access deny proibir_musica
http_reply_access deny streaming
#### permite acesso direto para sites internos e sites da acl 'semauth'
acl semcache dstdomain "/etc/squid3/acls/semcache"
http_access allow semcache
url_rewrite_program /usr/bin/squidGuard -c /etc/squid3/squidGuard.conf
redirect_children 8
redirector_bypass off
acl lan src 192.168.10.0/24
acl alog src 192.168.0.0/24
http_access allow lan
http_access deny all
Meu squidGuard.conf
dbhome /var/lib/squidguard/db/blacklists
logdir /var/log/squid3
########## Grupos ############
src admin {
user administrator alexandre.jesus
}
src youtube {
user nicolas.derderian antonio.santos andre.gomes aline.machado bianca.mansur lucas.silva daniele.oliveira hosana.oliveira raiane.souza alexandre.madruga
}
src rh {
user flavia.pontes celia.santana alcielli.silva daniele.estrella paloma.santos roberta.godoy tatiana.silva
}
src youtubegmail {
user jeane.pardini antonio.dick aline.machado helena.oliveira daniel.mascaro janaisa.lima tatiana.silva ronaldo.pereira
}
######### Bloqueios ##########
dest ads {
domainlist ads/domains
urllist ads/urls
}
dest audio-video {
domainlist audio-video/domains
urllist audio-video/urls
}
dest chat {
domainlist chat/domains
urllist chat/urls
}
dest diversos {
domainlist diversos/domains
urllist diversos/urls
}
dest drugs {
domainlist drugs/domains
urllist drugs/urls
}
dest filehosting {
domainlist filehosting/domains
urllist filehosting/urls
}
dest filesharing {
domainlist filesharing/domains
expressionlist filesharing/expressions
urllist filesharing/urls
}
dest games {
domainlist games/domains
urllist games/urls
}
dest gmail {
domainlist gmail/domains
}
dest hacking {
domainlist hacking/domains
urllist hacking/urls
}
dest instantmessaging {
domainlist instantmessaging/domains
urllist instantmessaging/urls
}
dest mail {
domainlist mail/domains
urllist mail/urls
}
dest movies {
domainlist movies/domains
urllist movies/urls
}
dest music {
domainlist music/domains
urllist music/urls
}
dest podcasts {
domainlist podcasts/domains
urllist podcasts/urls
}
dest porn {
domainlist porn/domains
urllist porn/urls
expressionlist porn/expressions
}
dest proxy {
domainlist proxy/domains
urllist proxy/urls
}
dest radio {
domainlist radio/domains
urllist radio/urls
}
dest redirector {
domainlist redirector/domains
urllist redirector/urls
}
dest rh {
domainlist rh/domains
}
dest sex {
domainlist socialnetworking/domains
urllist socialnetworking/urls
}
dest socialnetworking {
domainlist socialnetworking/domains
urllist socialnetworking/urls
}
dest spyware {
domainlist spyware/domains
urllist spyware/urls
}
dest warez {
domainlist warez/domains
urllist warez/urls
}
dest webmail {
domainlist mail/domains
urllist mail/urls
}
dest webradio {
domainlist webradio/domains
urllist webradio/urls
}
dest webtv {
domainlist webtv/domains
urllist webtv/urls
}
dest whitelist {
domainlist whitelist/domains
urllist whitelist/urls
}
dest youtube {
domainlist youtube/domains
urllist youtube/urls
}
########### ACLs ##########
acl {
admin {
pass all
}
youtube {
pass whitelist youtube !mail !webmail !ads !audio-video !chat !diversos !drugs !filehosting !filesharing !games !hacking !instantmessaging !movies !music !podcasts !porn !proxy !radio !redirector !sex !socialnetworking !spyware !warez !webradio !webtv all
redirect http://localhost/squidGuard.php?usuario=%i&url=%u&ip_origem=%a&categoria=%t
}
rh {
pass whitelist rh gmail !mail !webmail !youtube !ads !audio-video !chat !diversos !drugs !filehosting !filesharing !games !hacking !instantmessaging !movies !music !podcasts !porn !proxy !radio !redirector !sex !socialnetworking !spyware !warez !webradio !webtv all
redirect http://localhost/squidGuard.php?usuario=%i&url=%u&ip_origem=%a&categoria=%t
}
youtubegmail {
pass whitelist youtube gmail !rh !mail !webmail !ads !audio-video !chat !diversos !drugs !filehosting !filesharing !games !hacking !instantmessaging !movies !music !podcasts !porn !proxy !radio !redirector !sex !socialnetworking !spyware !warez !webradio !webtv all
redirect http://localhost/squidGuard.php?usuario=%i&url=%u&ip_origem=%a&categoria=%t
}
default {
pass whitelist youtube !mail !webmail !ads !audio-video !chat !diversos !drugs !filehosting !filesharing !games !hacking !instantmessaging !movies !music !podcasts !porn !proxy !radio !redirector !sex !socialnetworking !spyware !warez !webradio !webtv all
redirect http://localhost/squidGuard.php?usuario=%i&url=%u&ip_origem=%a&categoria=%t
}
}
Valeu galera, conto com a ajuda de vocês!