Hi,
I have been using squid for about 4-5 months successfully on a RedHat 7.1 box
which acts as the nat router / firewall between the I-net and my LAN. A couple
of days ago I decided to upgrade to Fedora Core4. I have now got most things
working, but the browers on my LAN clients are not able to access web-sites. I
can ping the web-sites, but the browers are doing nothing.
At first I thought it was a DNS problem, but tcpdump indicates that is working
fine and if I use IP numbers for the web-sites they still don't respond.
I have copied over my squid.conf and iptables setting from 7.1 and successfully
set up the cache directories but I am getting nothing in access.log or
store.log.
Can anybody see what I am doing wrong, or knows of any utilities that could
clarify what the issue is?
Here is a decommented copy of the squid.conf file I am using.
http_port 3128
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 MB
cache_dir ufs /var/spool/squid 100 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
pid_filename /var/run/squid.pid
debug_options ALL,1 33,2
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/255.0.0.0
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 8080 # http #2
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 3128 # squid (is this needed, maybe as I don't allow
1025-65535 below)
acl Safe_ports port 5050:5055 # bpalogin
acl Safe_ports port 123 # ntp
acl Safe_ports port 280 # http-mgmt
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
acl mylan src 192.168.1.0/255.255.255.224
http_access allow mylan
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr root
cache_effective_user squid
cache_effective_group squid
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
memory_pools on
memory_pools_limit 10 MB
cachemgr_passwd disable all
coredump_dir /var/spool/squid
Here is what is in my cache.log
2005/06/26 21:12:28| Starting Squid Cache version 2.5.STABLE9 for
i386-redhat-linux-gnu...
2005/06/26 21:12:28| Process ID 7346
2005/06/26 21:12:28| With 1024 file descriptors available
2005/06/26 21:12:28| DNS Socket created at 0.0.0.0, port 32825, FD 5
2005/06/26 21:12:28| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2005/06/26 21:12:28| Adding nameserver 144.140.70.16 from /etc/resolv.conf
2005/06/26 21:12:28| Adding nameserver 144.140.71.29 from /etc/resolv.conf
2005/06/26 21:12:28| Adding nameserver 144.140.70.15 from /etc/resolv.conf
2005/06/26 21:12:28| User-Agent logging is disabled.
2005/06/26 21:12:28| Referer logging is disabled.
2005/06/26 21:12:28| Unlinkd pipe opened on FD 10
2005/06/26 21:12:28| Swap maxSize 102400 KB, estimated 7876 objects
2005/06/26 21:12:28| Target number of buckets: 393
2005/06/26 21:12:28| Using 8192 Store buckets
2005/06/26 21:12:28| Max Mem size: 32768 KB
2005/06/26 21:12:28| Max Swap size: 102400 KB
2005/06/26 21:12:28| Rebuilding storage in /var/spool/squid (CLEAN)
2005/06/26 21:12:28| Using Least Load store dir selection
2005/06/26 21:12:28| Set Current Directory to /var/spool/squid
2005/06/26 21:12:28| Loaded Icons.
2005/06/26 21:12:29| Accepting HTTP connections at 0.0.0.0, port 3128, FD 12.
2005/06/26 21:12:29| WCCP Disabled.
2005/06/26 21:12:29| Ready to serve requests.
2005/06/26 21:12:29| Done reading /var/spool/squid swaplog (0 entries)
2005/06/26 21:12:29| Finished rebuilding storage from disk.
2005/06/26 21:12:29| 0 Entries scanned
2005/06/26 21:12:29| 0 Invalid entries.
2005/06/26 21:12:29| 0 With invalid flags.
2005/06/26 21:12:29| 0 Objects loaded.
2005/06/26 21:12:29| 0 Objects expired.
2005/06/26 21:12:29| 0 Objects cancelled.
2005/06/26 21:12:29| 0 Duplicate URLs purged.
2005/06/26 21:12:29| 0 Swapfile clashes avoided.
2005/06/26 21:12:29| Took 0.3 seconds ( 0.0 objects/sec).
2005/06/26 21:12:29| Beginning Validation Procedure
2005/06/26 21:12:29| Completed Validation Procedure
2005/06/26 21:12:29| Validated 0 Entries
2005/06/26 21:12:29| store_swap_size = 0k
2005/06/26 21:12:30| storeLateRelease: released 0 objects
Best regards,
Vaughan
Mobile: 0412 122 362
Received on Sun Jun 26 2005 - 20:02:29 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:03 MDT