Hi,
That is exactly the configuration I have. Fedora
Server for 20 clients, firewall, chache. Internal
static, external dinamic.
I think you really changed a lot on squid.conf, should
begin with standard configuration and change one thing
at time. I won�t use macaddress as a parameter, in
fact I use internal ip�s.
Regards.
--- Kumara Jayaweera <kumara.jayaweera@damad.com>
escribi�:
> Greetings! to all,
> Please, look into my problem and help me. I am quite
> a newbie squidish.
> 1. my squid server is ready for serve requests.
> 2. it is on a firewall too.
> 3.WAN connection (DSL) from eth0 is with DHCP. but
> my LAN connection is
> (eth1) with static IP.
> 4.client's access is given by MAC address, no other
> authentication is
> required.
> 5. almost all the settings as per the default values
> in squid.conf. (pls,
> somebody figure me out what is unnecessary for me in
> my squid.conf file
> which I don't understand).
> 6. I want Firewall+proxy+caching for my LAN of 20
> PCs.
> 7. My problem is I can not connect IE clients to the
> Squid server with my
> settings (pls see, given below squid.conf file).
> 8. Since I am a newbie, I hope your generous
> assistance.
> 9. Pls, see below for my squid.conf file and squid
> -NCd1 command.
>
> [root@proxy ~]# /usr/local/squid/sbin/squid -NCd1
> 2005/07/30 17:56:57| Starting Squid Cache version
> 2.5.STABLE10 for
> i686-pc-linux -gnu...
> 2005/07/30 17:56:57| Process ID 3901
> 2005/07/30 17:56:57| With 1024 file descriptors
> available
> 2005/07/30 17:56:57| Performing DNS Tests...
> 2005/07/30 17:56:57| Successful DNS name lookup
> tests...
> 2005/07/30 17:56:57| DNS Socket created at 0.0.0.0,
> port 32769, FD 4
> 2005/07/30 17:56:57| Adding nameserver 62.149.114.7
> from /etc/resolv.conf
> 2005/07/30 17:56:57| Adding nameserver
> 212.118.133.101 from /etc/resolv.conf
> 2005/07/30 17:56:57| Unlinkd pipe opened on FD 9
> 2005/07/30 17:56:57| Swap maxSize 102400 KB,
> estimated 7876 objects
> 2005/07/30 17:56:57| Target number of buckets: 393
> 2005/07/30 17:56:57| Using 8192 Store buckets
> 2005/07/30 17:56:57| Max Mem size: 32768 KB
> 2005/07/30 17:56:57| Max Swap size: 102400 KB
> 2005/07/30 17:56:57| Rebuilding storage in
> /usr/local/squid/var/cache
> (CLEAN)
> 2005/07/30 17:56:57| Using Least Load store dir
> selection
> 2005/07/30 17:56:57| Set Current Directory to
> /usr/local/squid/var/cache
> 2005/07/30 17:56:57| Loaded Icons.
> 2005/07/30 17:56:57| Accepting HTTP connections at
> 0.0.0.0, port 3128, FD
> 11.
> 2005/07/30 17:56:57| Accepting ICP messages at
> 0.0.0.0, port 3130, FD 12.
> 2005/07/30 17:56:57| WCCP Disabled.
> 2005/07/30 17:56:57| Ready to serve requests.
> 2005/07/30 17:56:58| Done reading
> /usr/local/squid/var/cache swaplog (0
> entries)
> 2005/07/30 17:56:58| Finished rebuilding storage
> from disk.
> 2005/07/30 17:56:58| 0 Entries scanned
> 2005/07/30 17:56:58| 0 Invalid entries.
> 2005/07/30 17:56:58| 0 With invalid flags.
> 2005/07/30 17:56:58| 0 Objects loaded.
> 2005/07/30 17:56:58| 0 Objects expired.
> 2005/07/30 17:56:58| 0 Objects cancelled.
> 2005/07/30 17:56:58| 0 Duplicate URLs
> purged.
> 2005/07/30 17:56:58| 0 Swapfile clashes
> avoided.
> 2005/07/30 17:56:58| Took 0.8 seconds ( 0.0
> objects/sec).
> 2005/07/30 17:56:58| Beginning Validation Procedure
> 2005/07/30 17:56:58| Completed Validation
> Procedure
> 2005/07/30 17:56:58| Validated 0 Entries
> 2005/07/30 17:56:58| store_swap_size = 0k
> 2005/07/30 17:56:58| storeLateRelease: released 0
> objects
>
> ***********************
> and my squid conf. file.
> ***********************
> http_port 3128
> icp_port 3130
> udp_incoming_address 0.0.0.0
> udp_outgoing_address 255.255.255.255
> icp_query_timeout 0
> maximum_icp_query_timeout 2000
> mcast_icp_query_timeout 3000
> dead_peer_timeout 10 seconds
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> no_cache deny QUERY
> cache_mem 32 MB
> cache_swap_low 90
> cache_swap_high 95
> maximum_object_size 320010 KB
> minimum_object_size 0 KB
> maximum_object_size_in_memory 16 KB
> ipcache_size 2048
> ipcache_low 90
> ipcache_high 95
> fqdncache_size 1024
> cache_replacement_policy lru
> memory_replacement_policy lru
> cache_dir ufs /usr/local/squid/var/cache 100 16 256
> cache_access_log
> /usr/local/squid/var/logs/access.log
> cache_log /usr/local/squid/var/logs/cache.log
> cache_store_log /usr/local/squid/var/logs/store.log
> emulate_httpd_log off
> log_ip_on_direct on
> mime_table /usr/local/squid/etc/mime.conf
> log_mime_hdrs off
> pid_filename /usr/local/squid/var/logs/squid.pid
> debug_options ALL,1
> log_fqdn on
> client_netmask 255.255.255.0
> ftp_list_width 32
> ftp_passive on
> ftp_sanitycheck on
> #ftp_telnet_protocol on
> dns_retransmit_interval 5 seconds
> dns_timeout 2 minutes
> #defnames off
> hosts_file /etc/hosts
> diskd_program /usr/local/squid/libexec/diskd
> unlinkd_program /usr/local/squid/libexec/unlinkd
> redirect_children 5
> redirect_rewrites_host_header on
> authenticate_cache_garbage_interval 1 hour
> authenticate_ttl 1 hour
> authenticate_ip_ttl 200 seconds
> request_header_max_size 20 KB
> request_body_max_size 0 KB
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> quick_abort_min 16 KB
> quick_abort_max 16 KB
> quick_abort_pct 95
> negative_ttl 5 minutes
> positive_dns_ttl 6 hours
> negative_dns_ttl 1 minute
> range_offset_limit 0 KB
> forward_timeout 4 minutes
> connect_timeout 1 minute
> peer_connect_timeout 30 seconds
> read_timeout 15 minutes
> request_timeout 5 minutes
> persistent_request_timeout 1 minute
> client_lifetime 1 day
> half_closed_clients off
> pconn_timeout 120 seconds
> ident_timeout 10 seconds
> shutdown_lifetime 30 seconds
>
> # ACCESS CONTROLS
> #
>
--------------------------------------------------------------------------
> ---
> #Recommended minimum configuration:
> acl all src 0.0.0.0/0.0.0.0
> #acl manager proto cache_object
> #acl localhost src 127.0.0.1/255.255.255.255
> #acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> #http_access deny all
> #http_access allow manager localhost
> #http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> acl our_networks src 192.168.1.0/24
> #acl our_networks src 192.168.1.0/24 192.168.2.0/24
> (Ex: for future kumara)
> http_access allow our_networks
> http_access deny all
> #http_reply_access allow all
> #icp_access allow all
> #miss_access allow all
>
=== message truncated ===
__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam �gratis!
Reg�strate ya - http://correo.espanol.yahoo.com/
Received on Sat Jul 30 2005 - 17:30:54 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Aug 01 2005 - 12:00:03 MDT