Re: [squid-users] squid.conf entries

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 10 Dec 2003 23:39:46 +0100 (CET)

On Wed, 10 Dec 2003, ChuckS wrote:

> root@corona <mailto:root@corona>:~# /etc/init.d/squid restart
> Restarting proxy server: 2003/12/06 09:15:00| parseConfigFile: line 95
> unrecognized: 'tcp_incoming_address 192.168.4.4'

There is no tcp_incoming_address in the current Squid versions, instead
this is specified in the http(s)_port directives. See the Squid-2.5
release notes if you have upgraded from Squid-2.4.

It is stronly recommended to clean the active squid.conf from all the
documentation comments once you have done the first configuration as these
otherwise easily can be misleading after Squid has been upgraded. You
always have the documentation comments in squid.conf.default.

To clean your squid.conf from the documentation comments run the
following:

  grep "^[a-z]" squid.conf >squid.conf.clean
  mv squid.conf squid.conf.old
  mv squid.conf.clean squid.conf

then inspect squid.conf and add a few comments explaining why you
have configured it in the manner you have.

Verify the new configuration file with "squid -k parse". If there is
errors fix those until "squid -k parse" returns nothing.

When there is no errors try to start Squid and verify that it works.

Please note that you can rearrange the directives in mostly any order you
please to make it more readable. The only requirements is that the order
of your http_access rules is correct for the access controls you want to
have, and that any acl names used by your http_access lines are defined
before where they are used.

> 2003/12/06 09:15:00| squid.conf line 1037: http_access allow manager localhost miltoy yoderst corona
> 2003/12/06 09:15:00| aclParseAccessLine: ACL name 'yoderst' not found.

You are missing an "acl yoderst ..." somewhere before line 1037.

It is probably a good time to read Squid FAQ chapter 10 Access controls.

Doing the above mentioned cleanup of your squid.conf also gives you a much
better overview of what you have (or not have) making it much easier to
follow.

> 2003/12/06 09:15:00| squid.conf line 1046: http_access allow yoderst
> 2003/12/06 09:15:00| aclParseAccessLine: ACL name 'yoderst' not found.
> 2003/12/06 09:15:00| squid.conf line 1046: http_access allow yoderst
> 2003/12/06 09:15:00| aclParseAccessLine: Access line contains no
> ACL's, skipping

These are repetitions of the same error.

Regards
Henrik
Received on Wed Dec 10 2003 - 15:39:59 MST

This archive was generated by hypermail pre-2.1.9 : Thu Jan 01 2004 - 12:00:09 MST