Re: [squid-users] web internal servers problem

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 01 Apr 2003 10:15:18 +0200

Who is sending you the error message? I think the error is sent to you
by your parent.

I think you are missing

acl local dst 10.0.0.0/8
always_direct allow local

Also, having the browsers reconfigured to go direct for internal servers
is generally recommended.

Regards
Henrik

Andi Hari Cahyono wrote:
>
> Hello all,
>
> i've upgraded my squid 2.4STABLE7. Now i'm using squid 2.5.stable2. But i still can't access my internal web servers. My dns using ISP's dns.
> The problem when i open infotech.altuwairqi.com.sa ( my local web server )is The system detected an Unresolved Host Name while attempting to resolve the host specified in the requested URL
>
> here is my squid.conf
>
> proxy:/data/log # more /etc/squid/etc/squid.conf
> http_port 3128
> icp_port 3130
> # htcp_port 4827
> cache_peer x.x.x.x parent 8080 0
> cache_peer x.x.x.x sibling 8080 0
> icp_query_timeout 50
> maximum_icp_query_timeout 2000
> mcast_icp_query_timeout 2000
> dead_peer_timeout 30 seconds
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> cache_mem 32 MB
> cache_swap_low 90
> cache_swap_high 95
> maximum_object_size 4096 KB
> minimum_object_size 0 KB
> maximum_object_size_in_memory 8 KB
> ipcache_size 1024
> ipcache_low 90
> ipcache_high 95
> fqdncache_size 1024
> cache_replacement_policy lru
> memory_replacement_policy lru
> cache_dir ufs /data/cache/squid 100 16 256
> cache_access_log /data/log/access.log
> cache_log /data/log/cache.log
> cache_store_log /data/log/store.log
> emulate_httpd_log off
> log_ip_on_direct on
> pid_filename /data/log/squid.pid
> hosts_file /etc/hosts
> redirect_children 5
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> request_header_max_size 10 KB
> request_body_max_size 0 KB
> #Suggested default:
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
>
> quick_abort_min 16 KB
> quick_abort_max 16 KB
> quick_abort_pct 95
> negative_ttl 5 minutes
> positive_dns_ttl 6 hours
> negative_dns_ttl 5 minutes
> range_offset_limit 0 KB
> connect_timeout 2 minutes
> peer_connect_timeout 30 seconds
> read_timeout 15 minutes
> request_timeout 5 minutes
> client_lifetime 1 day
> half_closed_clients on
> shutdown_lifetime 30 seconds
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
>
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow all
> http_reply_access allow all
> icp_access allow all
> miss_access allow all
> cache_mgr it@altuwairqi.com.sa
> cache_effective_user squid
> visible_hostname proxy.altuwairqi.com.sa
> unique_hostname proxy.altuwairqi.com.sa
> query_icmp off
>
> -------------
>
> and here is my /etc/hosts
>
> 127.0.0.1 localhost
>
> # special IPv6 addresses
> ::1 localhost ipv6-localhost ipv6-loopback
>
> fe00::0 ipv6-localnet
>
> ff00::0 ipv6-mcastprefix
> ff02::1 ipv6-allnodes
> ff02::2 ipv6-allrouters
> ff02::3 ipv6-allhosts
>
> 10.10.1.11 infotech.altuwairqi.com.sa
> 10.10.1.19 proxy.altuwairqi.com.sa
> 10.10.1.24 proxy1.altuwairqi.com.sa
>
> i'm waiting for your help
> thanks
>
> andihari
Received on Tue Apr 01 2003 - 01:17:02 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:34 MST