[squid-users] proxy woes continued

From: richard <[email protected]>
Date: Sat, 19 Feb 2005 22:31:19 +0000

Hi
After ploughing through suggested docs, not alot further forward.
Still getting no traffic thru squid, the connection is fine as the DNS request goes thru OK.
I'm not seeing log entries from shorewall, or squid/access.log, but I'm getting connection refused
from firefox on the remote machine, unfortunately its running winxp. not my machine !
squid.conf is as follows all default hashed entries removed to reduce it size in this mail.
All shorewall policies have "info" turned on so should see something in the syslog, but not.
Last squid/access.log showed TCP_DENIED/400 ..port address on wlan0 is 192.168.90.33 255.255.255.240

Suggestions ??? what have I missed ?
Richard

Squid.conf
> http_port 127.0.0.1:3128
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> acl our_networks src 192.168.90.0/24
> http_access allow our_networks
> http_access allow localhost
> http_reply_access allow all
> icp_access allow all
> httpd_accel_port 80
> httpd_accel_with_proxy on
> httpd_accel_uses_host_header on
> httpd_accel-host virtual
> lt rate exceeds this
Dansguardian.conf
> # DansGuardian config file for version 2.7.7
> reportinglevel = 3
> language = 'ukenglish'
> loglevel = 2
> logexceptionhits = on
> logfileformat = 1
> filterip = 127.0.0.1
> filterport = 8080
> proxyip = 127.0.0.1
> proxyport = 3128
> accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
> nonstandarddelimiter = on
> usecustombannedimage = 1
> custombannedimagefile = '/etc/dansguardian/transparent1x1.gif'
> filtergroups = 1
> filtergroupslist = '/etc/dansguardian/filtergroupslist'
> bannediplist = '/etc/dansguardian/bannediplist'
> exceptioniplist = '/etc/dansguardian/exceptioniplist'
> banneduserlist = '/etc/dansguardian/banneduserlist'
> exceptionuserlist = '/etc/dansguardian/exceptionuserlist'
> showweightedfound = on
> weightedphrasemode = 2
> urlcachenumber = 1000
> urlcacheage = 900
> phrasefiltermode = 2
> preservecase = 0
> hexdecodecontent = 0
> forcequicksearch = 0
> reverseaddresslookups = off
> reverseclientiplookups = off
> createlistcachefiles = on
> maxuploadsize = -1
> maxcontentfiltersize = 256
> usernameidmethodproxyauth = on
> usernameidmethodntlm = off # **NOT IMPLEMENTED**
> usernameidmethodident = off
> preemptivebanning = on
> forwardedfor = off
> usexforwardedfor = off
> logconnectionhandlingerrors = on
> maxchildren = 120
> minchildren = 8
> minsparechildren = 4
> preforkchildren = 6
> maxsparechildren = 32
> maxagechildren = 500
> urlipcfilename = '/tmp/.dguardianurlipc'
> nodaemon = off
> nologger = off
> daemonuser = 'squid'
> daemongroup = 'squid'
> softrestart = off
Received on Sat Feb 19 2005 - 15:31:22 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST