Greetings! to all,
Please, look into my problem and help me. I am quite a newbie squidish.
1. my squid server is ready for serve requests.
2. it is on a firewall too.
3.WAN connection (DSL) from eth0 is with DHCP. but my LAN connection is
(eth1) with static IP.
4.client's access is given by MAC address, no other authentication is
required.
5. almost all the settings as per the default values in squid.conf. (pls,
somebody figure me out what is unnecessary for me in my squid.conf file
which I don't understand).
6. I want Firewall+proxy+caching for my LAN of 20 PCs.
7. My problem is I can not connect IE clients to the Squid server with my
settings (pls see, given below squid.conf file).
8. Since I am a newbie, I hope your generous assistance.
9. Pls, see below for my squid.conf file and squid -NCd1 command.
[root@proxy ~]# /usr/local/squid/sbin/squid -NCd1
2005/07/30 17:56:57| Starting Squid Cache version 2.5.STABLE10 for
i686-pc-linux -gnu...
2005/07/30 17:56:57| Process ID 3901
2005/07/30 17:56:57| With 1024 file descriptors available
2005/07/30 17:56:57| Performing DNS Tests...
2005/07/30 17:56:57| Successful DNS name lookup tests...
2005/07/30 17:56:57| DNS Socket created at 0.0.0.0, port 32769, FD 4
2005/07/30 17:56:57| Adding nameserver 62.149.114.7 from /etc/resolv.conf
2005/07/30 17:56:57| Adding nameserver 212.118.133.101 from /etc/resolv.conf
2005/07/30 17:56:57| Unlinkd pipe opened on FD 9
2005/07/30 17:56:57| Swap maxSize 102400 KB, estimated 7876 objects
2005/07/30 17:56:57| Target number of buckets: 393
2005/07/30 17:56:57| Using 8192 Store buckets
2005/07/30 17:56:57| Max Mem size: 32768 KB
2005/07/30 17:56:57| Max Swap size: 102400 KB
2005/07/30 17:56:57| Rebuilding storage in /usr/local/squid/var/cache
(CLEAN)
2005/07/30 17:56:57| Using Least Load store dir selection
2005/07/30 17:56:57| Set Current Directory to /usr/local/squid/var/cache
2005/07/30 17:56:57| Loaded Icons.
2005/07/30 17:56:57| Accepting HTTP connections at 0.0.0.0, port 3128, FD
11.
2005/07/30 17:56:57| Accepting ICP messages at 0.0.0.0, port 3130, FD 12.
2005/07/30 17:56:57| WCCP Disabled.
2005/07/30 17:56:57| Ready to serve requests.
2005/07/30 17:56:58| Done reading /usr/local/squid/var/cache swaplog (0
entries)
2005/07/30 17:56:58| Finished rebuilding storage from disk.
2005/07/30 17:56:58| 0 Entries scanned
2005/07/30 17:56:58| 0 Invalid entries.
2005/07/30 17:56:58| 0 With invalid flags.
2005/07/30 17:56:58| 0 Objects loaded.
2005/07/30 17:56:58| 0 Objects expired.
2005/07/30 17:56:58| 0 Objects cancelled.
2005/07/30 17:56:58| 0 Duplicate URLs purged.
2005/07/30 17:56:58| 0 Swapfile clashes avoided.
2005/07/30 17:56:58| Took 0.8 seconds ( 0.0 objects/sec).
2005/07/30 17:56:58| Beginning Validation Procedure
2005/07/30 17:56:58| Completed Validation Procedure
2005/07/30 17:56:58| Validated 0 Entries
2005/07/30 17:56:58| store_swap_size = 0k
2005/07/30 17:56:58| storeLateRelease: released 0 objects
***********************
and my squid conf. file.
***********************
http_port 3128
icp_port 3130
udp_incoming_address 0.0.0.0
udp_outgoing_address 255.255.255.255
icp_query_timeout 0
maximum_icp_query_timeout 2000
mcast_icp_query_timeout 3000
dead_peer_timeout 10 seconds
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 320010 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 16 KB
ipcache_size 2048
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir ufs /usr/local/squid/var/cache 100 16 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
emulate_httpd_log off
log_ip_on_direct on
mime_table /usr/local/squid/etc/mime.conf
log_mime_hdrs off
pid_filename /usr/local/squid/var/logs/squid.pid
debug_options ALL,1
log_fqdn on
client_netmask 255.255.255.0
ftp_list_width 32
ftp_passive on
ftp_sanitycheck on
#ftp_telnet_protocol on
dns_retransmit_interval 5 seconds
dns_timeout 2 minutes
#defnames off
hosts_file /etc/hosts
diskd_program /usr/local/squid/libexec/diskd
unlinkd_program /usr/local/squid/libexec/unlinkd
redirect_children 5
redirect_rewrites_host_header on
authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour
authenticate_ip_ttl 200 seconds
request_header_max_size 20 KB
request_body_max_size 0 KB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 1 minute
range_offset_limit 0 KB
forward_timeout 4 minutes
connect_timeout 1 minute
peer_connect_timeout 30 seconds
read_timeout 15 minutes
request_timeout 5 minutes
persistent_request_timeout 1 minute
client_lifetime 1 day
half_closed_clients off
pconn_timeout 120 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
# ACCESS CONTROLS
# --------------------------------------------------------------------------
--- #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 #acl manager proto cache_object #acl localhost src 127.0.0.1/255.255.255.255 #acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT #http_access deny all #http_access allow manager localhost #http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports acl our_networks src 192.168.1.0/24 #acl our_networks src 192.168.1.0/24 192.168.2.0/24 (Ex: for future kumara) http_access allow our_networks http_access deny all #http_reply_access allow all #icp_access allow all #miss_access allow all #ident_lookup_access deny all #reply_header_max_size 20 KB #reply_body_max_size 0 allow all #MAC ADDRESSES acl M1 arp 00:01:02:0b:4b:a2 acl M2 arp 00:04:76:24:09:3f acl M3 arp 00:0c:f1:8a:8e:1d acl M4 arp 00:0e:2e:36:2d:a1 acl M5 arp 00:01:02:0b:4b:9f acl M6 arp 00:0e:2e:25:af:c1 acl M7 arp 00:0e:2e:36:21:03 acl M8 arp 00:10:a4:11:8e:9b #acl M9 arp acl M10 arp 00:04:76:1c:17:45 acl M11 arp 00:0a:e4:d2:6d:40 acl M12 arp 00:d0:59:54:89:3b acl M13 arp 00:11:09:60:36:02 acl M14 arp 00:03:0d:10:e2:71 acl M15 arp 00:05:5d:2f:97:50 acl M16 arp 00:c0:9f:4e:6b:ff acl M17 arp 00:c0:9f:53:0b:aa acl M18 arp 00:0f:b0:5f:3a:d0 acl M19 arp 00:02:3f:0e:34:6c #acl M20 arp http_access allow M1 http_access allow M2 http_access allow M3 http_access allow M4 http_access allow M5 http_access allow M6 http_access allow M7 http_access allow M8 #http_access allow M9 http_access allow M10 http_access allow M11 http_access allow M12 http_access allow M13 http_access allow M14 http_access allow M15 http_access allow M16 http_access allow M17 http_access allow M18 http_access allow M19 #http_access allow M20 http_access deny all #number of connections #acl losers src 192.168.1.0/24 #acl 4CONN maxconn 4 #http_access deny 4CONN losers # ADMINISTRATIVE PARAMETERS cache_mgr mohanjayaweera@yahoo.com cache_effective_user squid cache_effective_group squid visible_hostname proxy tcp_recv_bufsize 0 bytes memory_pools_limit 5 MB forwarded_for on log_icp_queries on icp_hit_stale off minimum_direct_hops 4 minimum_direct_rtt 400 store_avg_object_size 13 KB store_objects_per_bucket 20 client_db on netdb_low 900 netdb_high 1000 netdb_ping_period 5 minutes query_icmp off test_reachability off buffered_logs off reload_into_ims off short_icon_urls off error_directory /usr/local/squid/share/errors/English maximum_single_addr_tries 1 retry_on_error off #as_whois_server whois.ra.net #as_whois_server whois.ra.net #wccp_router 0.0.0.0 #wccp_version 4 #wccp_incoming_address 0.0.0.0 #wccp_outgoing_address 255.255.255.255 prefer_direct off strip_query_terms on coredump_dir none coredump_dir /usr/local/squid/var/cache redirector_bypass off ignore_unknown_nameservers on client_persistent_connections on server_persistent_connections on detect_broken_pconn off balance_on_multiple_ip on pipeline_prefetch off request_entities off high_response_time_warning 0 high_page_fault_warning 0 high_memory_warning 0 store_dir_select_algorithm least-load ie_refresh off vary_ignore_expire off sleep_after_fork 0 relaxed_header_parser on Thank you very much for veiwing my problem. any hits, places to start looking? KumaraReceived on Sat Jul 30 2005 - 12:22:15 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Aug 01 2005 - 12:00:03 MDT