Re: [squid-users] Fedora

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 17 Sep 2008 13:04:18 +1200

Gustavo Lazarte wrote:
> The service is up but is not getting any content from the destination server. Is there a line I need to change to make it forward traffic to my target server?
>

What type of proxy are you trying to setup?
Your config is for a standard proxy.

Amos

> Thanks
>
>
> -----Original Message-----
> From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
> Sent: Tuesday, September 16, 2008 7:38 AM
> To: Gustavo Lazarte
> Cc: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] Fedora
>
> Gustavo Lazarte wrote:
>> I upgraded and now when I am trying to use my squid server to send traffic to the site 10.2.0.140 the squid server IP is 10.2.0.150.
>>
>> I also get the Warning cannot write the log file Permission denied.
>>
>> Then I try the /usr/local/squid/sbin/squid I get cannot write cache.log
>> Permission denied. I use the user nobody for
>> cache_effective_user
>
> Ah, well, you need to set read+write permission on the log file
> directory squid is trying to use and the logs inside it.
>
>> /usr/local/squid/sbin/squid -z runs correctly
>>
>
> Thats good. At least the storage area won't have more of these problems
> when squid does start.
>
> Amos
>
>> Thanks
>>
>>
>>
>>
>> -----Original Message-----
>> From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
>> Sent: Saturday, September 13, 2008 11:39 AM
>> To: Gustavo Lazarte
>> Cc: squid-users_at_squid-cache.org
>> Subject: Re: [squid-users] Fedora
>>
>> Gustavo Lazarte wrote:
>>> I got the service working. Now my old configuration from version 2.4 is not working on 3.0 Stable 2.
>> Please do not use 3.0.stable2 under any circumstances. It does not
>> perform authentication in any meaningful manner.
>>
>> For you should use something 3.0.stable7+
>>
>> 3.0.stable9 is just out with the most current stability fixes..
>>
>>> In theory the traffic was coming from a load balancer and hit the Proxy server. The proxy server then will request 10.2.0.140 for the content.
>>>
>>> When I try to start the service with my old configuration is having problems with the following lines, is the syntax different?
>>>
>>> acl all src 0.0.0.0/0.0.0.0 ***warning***
>>> | acl manager proto cache_object
>>> | acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst
>>> | 127.0.0.0/8 acl ssl_ports ports 443 563 acl safe_port port 80 acl
>>> | safe_port ....
>>> | acl connect method connect
>>> | acl mylan src 127.0.0.1 ***Fatal Error***
>>> | acl mysites 10.2.0.140 *** Fatal Error***
>>> |
>>> | http_access allow manager localhost
>>> | http_access deny manager
>>> | http_access deny !safe_port
>>> | http_access deny to_localhost
>>> | http_access allow mysites
>>> | http_access deny all
>>> |
>>> | http_reply_access allow MYLAN ***Fatal Error***
>>> | http_reply_access allow all
>>>
>>> Even with the default config I am not able to telnet to port 80 on the squid server.
>> Correct. If squid cannot read it's config it wont be able to start
>> operating.
>>
>> Use a newer version, and please indicate what the warning messages are.
>> My informed guess is listed below
>>
>> acl all src ...
>> ** fully built-in now. no need to specify.
>>
>> acl mylan src 127.0.0.1
>> ** weird, check that line for extra text or invisible binary
>> characters. same for the other src one.
>>
>> http_reply_access allow MYLAN
>> http_reply_access allow all
>>
>> ** earlier failure of src ACL above may cause this
>> ** only the allow all is needed.
>>
>> Amos
>>
>>
>
>

-- 
Please use Squid 2.7.STABLE4 or 3.0.STABLE9
Received on Wed Sep 17 2008 - 01:04:23 MDT

This archive was generated by hypermail 2.2.0 : Wed Sep 17 2008 - 12:00:03 MDT