Re: Help please with seting up SQUID behind a firewall

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 07 Feb 2000 23:57:12 +0100

Stan Brown wrote:

> Slow down please. I'm a real newbie here at this, so I am
> over mey head. But willing to learn.

In short, the documentation amd configuration you are looking for is the
SOCKS documentation, not the Squid documentation. Your problem is mostly
an issue how to use SOCKS, not configuring Squid.

> I tried doing something as simple as "runsocks
> /usr/local/sbin/RunCache" but it did not work. Heres where I think the
> problem is with that, and maybe I can gixup my configuration to work
> around it.

You need to make the SOCKS client configuration, telling SOCKS what
destinations it can go directly on, and what destinations it must call
the SOCKS server for.

The runsocks wrapper wraps the binary application (in this case Squid)
in a SOCKS client library taking over all network operations. The client
configuration file tells this SOCKS wrapper wich operations needs to be
diverted to the SOCKS server and operations that should be handled
locally as usual.

> here are the non-default things that I have in squid.conf
>
> cache_peer 170.85.17.10 parent 1080 o no-query default
> (this tells squid to use the firewall right ?)

cache_peer is ONLY used if you have a HTTP proxy peer. If you are using
SOCKS then the configuration is done in the SOCKS client configuration
file, not in Squid.

The SOCKS client configuration file is usually /etc/socks.conf or
something like that (varies between installation and installations).

> Would this be a better way to do it? What is delegate? Where can I get
> some info on it?

It is a more complicated way of doing things. Only mentioned as a last
resort if you find that Squid does not work well together with SOCKS.

delegate is found at www.delegate.org I think.

--
Henrik Nordstrom
Squid hacker
Received on Mon Feb 07 2000 - 16:30:30 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:51:01 MST