Henrique M. wrote:
>
> Amos Jeffries-2 wrote:
>> acl localhost src 192.168.2.5 # 192.168.2.5 Server IP, 192.168.2.1 Modem
>> IP
>>
>> "localhost" is a special term used in networking to mean the IPs 127.0.0.1
>> and sometimes ::1 as well. When defining an ACL for 'public' squid box IPs
>> its better to use a different name. The localnet definition covers the
>> same public IPs anyway so redefining it is not a help here.
>>
>
> So what do you suggest? Should I just erase this line or change it?
Make it back to:
acl localhost src 127.0.0.1
>
>
> Amos Jeffries-2 wrote:
>> http_access allow all
>>
>> This opens the proxy to access from any source on the internet at all.
>> Zero inbound security. Not good for a long-term solution. I'd suggest
>> testing with that as a "deny all" to make sure we don't get a
>> false-success.
>>
>
> Will do that. How about the "icp_access"? What does this command do? Should
> I leave it "allow all"?
Allows other machines which have your squid set as a cache_peer to send
ICP requests to you and get replies back. Current Squid default it off
for extra security. Unless you need it, do: icp_access deny all
>
>
> joost.deheer wrote:
>> Define "doesn't work". Clients get an error? Won't start? Something else?
>>
>
> Squid seems to starts, but clients can't browse the internet. They get the
> default error msg that the browser shows when it can't load the website.
> This actualy got me thinking if I am setting up the browser correctly? I'm
> typing the servers IP for the proxy address and "3128" for the proxy port,
> is that correct?
I believe so yes.
* Make sure its set for HTTP, HTTPS, FTP, and Gopher but not SOCKS
proxy settings. (some may not be present).
* Check the testing client machine can get to squid (ping or such).
Check the cache.log to see if Squid is failing or busy at the time you
are checking.
* make sure that squid is actually running and opened port 3128.
"netstat -antup | grep 3128" or similar commands should say.
>
>
> joost.deheer wrote:
>> You could also try to start the proxy with 'squid -N' to start squid as a
>> console application instead of in daemon mode. The errors should then
>> appear on your screen.
>>
>
> How should I do that? I tried to start squid with "/etc/init.d/squid -N
> start" and "/etc/init.d/squid -N" but I didn't work. I end up finding out
> that I could check squid's status and for my surprise I got this message "*
> squid is not running.". So how do I start squid so it will show me the
> error msgs on screen?
Just "squid -N -Y -d 1" shoudl work. If not find the path to *bin/squid
and run with the full file path/name.
Usually "locate bin/squid" says where squid actually is.
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14 Current Beta Squid 3.1.0.7Received on Wed Apr 22 2009 - 15:17:54 MDT
This archive was generated by hypermail 2.2.0 : Thu Apr 30 2009 - 12:00:03 MDT