Vaughan Roberts wrote:
>Hi,
>
>I have been using squid for about 4-5 months successfully on a RedHat 7.1 box
>which acts as the nat router / firewall between the I-net and my LAN. A couple
>of days ago I decided to upgrade to Fedora Core4. I have now got most things
>working, but the browers on my LAN clients are not able to access web-sites. I
>can ping the web-sites, but the browers are doing nothing.
>At first I thought it was a DNS problem, but tcpdump indicates that is working
>fine and if I use IP numbers for the web-sites they still don't respond.
>I have copied over my squid.conf and iptables setting from 7.1 and successfully
>set up the cache directories but I am getting nothing in access.log or
>store.log.
>
>Can anybody see what I am doing wrong, or knows of any utilities that could
>clarify what the issue is?
>
>Here is a decommented copy of the squid.conf file I am using.
>http_port 3128
>icp_port 0
>hierarchy_stoplist cgi-bin ?
>acl QUERY urlpath_regex cgi-bin \?
>no_cache deny QUERY
>cache_mem 32 MB
>cache_dir ufs /var/spool/squid 100 16 256
>cache_access_log /var/log/squid/access.log
>cache_log /var/log/squid/cache.log
>cache_store_log /var/log/squid/store.log
>pid_filename /var/run/squid.pid
>debug_options ALL,1 33,2
>auth_param basic children 5
>auth_param basic realm Squid proxy-caching web server
>auth_param basic credentialsttl 2 hours
>refresh_pattern ^ftp: 1440 20% 10080
>refresh_pattern ^gopher: 1440 0% 1440
>refresh_pattern . 0 20% 4320
>acl all src 0.0.0.0/0.0.0.0
>acl manager proto cache_object
>acl localhost src 127.0.0.1/255.255.255.255
>acl to_localhost dst 127.0.0.0/255.0.0.0
>acl SSL_ports port 443 563
>acl Safe_ports port 80 # http
>acl Safe_ports port 8080 # http #2
>acl Safe_ports port 21 # ftp
>acl Safe_ports port 443 563 # https, snews
>acl Safe_ports port 3128 # squid (is this needed, maybe as I don't allow
>1025-65535 below)
>acl Safe_ports port 5050:5055 # bpalogin
>acl Safe_ports port 123 # ntp
>acl Safe_ports port 280 # http-mgmt
>acl CONNECT method CONNECT
>http_access allow manager localhost
>http_access deny manager
>http_access deny !Safe_ports
>http_access deny CONNECT !SSL_ports
>http_access deny to_localhost
>acl mylan src 192.168.1.0/255.255.255.224
>http_access allow mylan
>http_access allow localhost
>http_access deny all
>http_reply_access allow all
>icp_access allow all
>cache_mgr root
>cache_effective_user squid
>cache_effective_group squid
>httpd_accel_port 80
>httpd_accel_host virtual
>httpd_accel_with_proxy on
>httpd_accel_uses_host_header on
>memory_pools on
>memory_pools_limit 10 MB
>cachemgr_passwd disable all
>coredump_dir /var/spool/squid
>
>
>Here is what is in my cache.log
>2005/06/26 21:12:28| Starting Squid Cache version 2.5.STABLE9 for
>i386-redhat-linux-gnu...
>2005/06/26 21:12:28| Process ID 7346
>2005/06/26 21:12:28| With 1024 file descriptors available
>2005/06/26 21:12:28| DNS Socket created at 0.0.0.0, port 32825, FD 5
>2005/06/26 21:12:28| Adding nameserver 127.0.0.1 from /etc/resolv.conf
>2005/06/26 21:12:28| Adding nameserver 144.140.70.16 from /etc/resolv.conf
>2005/06/26 21:12:28| Adding nameserver 144.140.71.29 from /etc/resolv.conf
>2005/06/26 21:12:28| Adding nameserver 144.140.70.15 from /etc/resolv.conf
>2005/06/26 21:12:28| User-Agent logging is disabled.
>2005/06/26 21:12:28| Referer logging is disabled.
>2005/06/26 21:12:28| Unlinkd pipe opened on FD 10
>2005/06/26 21:12:28| Swap maxSize 102400 KB, estimated 7876 objects
>2005/06/26 21:12:28| Target number of buckets: 393
>2005/06/26 21:12:28| Using 8192 Store buckets
>2005/06/26 21:12:28| Max Mem size: 32768 KB
>2005/06/26 21:12:28| Max Swap size: 102400 KB
>2005/06/26 21:12:28| Rebuilding storage in /var/spool/squid (CLEAN)
>2005/06/26 21:12:28| Using Least Load store dir selection
>2005/06/26 21:12:28| Set Current Directory to /var/spool/squid
>2005/06/26 21:12:28| Loaded Icons.
>2005/06/26 21:12:29| Accepting HTTP connections at 0.0.0.0, port 3128, FD 12.
>2005/06/26 21:12:29| WCCP Disabled.
>2005/06/26 21:12:29| Ready to serve requests.
>2005/06/26 21:12:29| Done reading /var/spool/squid swaplog (0 entries)
>2005/06/26 21:12:29| Finished rebuilding storage from disk.
>2005/06/26 21:12:29| 0 Entries scanned
>2005/06/26 21:12:29| 0 Invalid entries.
>2005/06/26 21:12:29| 0 With invalid flags.
>2005/06/26 21:12:29| 0 Objects loaded.
>2005/06/26 21:12:29| 0 Objects expired.
>2005/06/26 21:12:29| 0 Objects cancelled.
>2005/06/26 21:12:29| 0 Duplicate URLs purged.
>2005/06/26 21:12:29| 0 Swapfile clashes avoided.
>2005/06/26 21:12:29| Took 0.3 seconds ( 0.0 objects/sec).
>2005/06/26 21:12:29| Beginning Validation Procedure
>2005/06/26 21:12:29| Completed Validation Procedure
>2005/06/26 21:12:29| Validated 0 Entries
>2005/06/26 21:12:29| store_swap_size = 0k
>2005/06/26 21:12:30| storeLateRelease: released 0 objects
>
>Best regards,
>Vaughan
>
>Mobile: 0412 122 362
>
>
>
>
>
Maybe does SElinux active in the new server FC4.?
Emilio C.
Received on Mon Jun 27 2005 - 03:36:24 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:03 MDT