Re: [squid-users] Squid Doubts from Amos Jeffries on 2008-02-22 (squid-users)

From: Amos Jeffries <squid3@dont-contact.us>
Date: Fri, 22 Feb 2008 23:50:26 +1300

kk CHN wrote:
> People: I tam using squid 2.6 in my freeBSD-6.1 machine , as http
> accelerator on port :80
>
> I edited my start up script (/usr/loca/etc/rc.d/squid) for
> squid-user as root ,//because its not starting as user "squid" for
> port 80. :
>
> Q1 : is editing startup script to change user as " root" okay ?

Yes squid will reduce its user level to minimal after it has setup properly.

>
> I have a few questions below this : Let me ask your comments on those
> questions
>
>
> whenever I am doing a sockstat -4p 80 I am getting
>
> max # sockstat -4p 80
> USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
> www httpd 1394 3 tcp4 127.0.0.1:80 *:*
> squid squid 1392 9 tcp4 2xx.1xx.2xx.xxx:80 63.42.21.53:39234
> squid squid 1392 11 tcp4 2xx.1xx.2xx.xxx:80 *:*
> squid squid 1392 14 tcp4 2xx.1xx.2xx.xxx:80 243.109.215.18:52561
> squid squid 1392 15 tcp4 2xx.1xx.2xx.xxx:80 243.109.215.18:56962
> squid squid 1392 16 tcp4 127.0.0.1:58926 127.0.0.1:80
> squid squid 1392 17 tcp4 2xx.1xx.2xx.xxx:80 209.131.41.48:23788
> www httpd 503 3 tcp4 127.0.0.1:80 *:*
> www httpd 503 22 tcp4 127.0.0.1:80 127.0.0.1:58926
> www httpd 502 3 tcp4 127.0.0.1:80 *:*
> www httpd 501 3 tcp4 127.0.0.1:80 *:*
> root httpd 495 3 tcp4 127.0.0.1:80 *:*
> max#
>
> here squid shows
> squid squid 1392 16 tcp4 127.0.0.1:58926 127.0.0.1:80
>
> Q 2: why the port number 58926 here? it should be 80 right?

No. That is the OUT side of squid, connecting from large random port to
localhost:80 IN side of the www server.

>
> Q 3 : How can I check the foreign addresses connected to port :80 are
> spammers OR not ?
>

http://www.surbl.org/
http://www.spamhaus.org/zen/

> Q: 4 if they are spammers how to deny them?
>

Up to you.

> Q :5 this is my squid folder but it not showing any cache dirs why?
>

What does your squid.conf say about "cache_dir"?

> max# cd /usr/local/squid/
> max# ls
> cache logs
> max# cd cache/
> max# ls
> none squid.core
> max#
>

I think from that you have probably created a cache_dir named "none" :-(

Amos

-- 
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.

Received on Fri Feb 22 2008 - 03:50:11 MST

This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST