Squid Configuration Problem

Zubair Ahmed Mohammed · ‎06-24-2004

Hi,

Plz help me out in this regards:
I have configured a squid on a linux server that should allow client(Windows) to access internet through it.

The configuration file:

http_port 3128
acl mynetwork src 192.20.160.0/255.255.255.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object

#http_access allow manager localhost
#http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow mynetwork
http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all

Can you just tell me what should be the sequence should be?

And where I am going wrong?

Your suggestion are very much appreciated.

a)
To add up there is not entry in /etc/hosts for the localhost.

b)No domainname specified

c)resolv.conf contains nameserver ipaddress.

When a user trying to access internet though IE he is not able to do so even after specifying the Proxy connecition entries in IE.

Thanks in advance!

Zubair

Muthukumar_5 · ‎06-24-2004

hai,

Your settings are good. I hope there may be link problem.
Did you configure the I.E with 3128 and ip-address of the squid.

What is your /etc/hosts entries.

Do you have any problem during squid startup. Check on cache.log entries.

Is your squid running. Check that with netstat -na | grep 3128.

Can you able to ping to the server from your client side.

IF you specify this,it is easy to solve the problem :)

Regards,
Muthukumar.

Easy to suggest when don't know about the problem!

Zubair Ahmed Mohammed · ‎06-24-2004

I have grepped the port # using netstat its perfectly fine.

root@localhost root]# netstat -na | grep 3128
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN

/etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.20.160.3 DNS

No entries in access.log file

Your suggestion is very much appreciated!

Zubair

Muthukumar_5 · ‎06-24-2004

hai,

Cache.log entries will have the squid startup messages. Give that entries.

Is your squid running machines hostname is DNS ?

What is your hosts entries in /etc/nsswitch.conf?

Can you able to ping from your client (192.20.160.* ) to squid machine 192.20.160.3 ?

Regards,
Muthukumar.

Easy to suggest when don't know about the problem!

Zubair Ahmed Mohammed · ‎06-24-2004

DNS server is 192.20.160.3
Squid server is 192.20.160.98

No such entries for 192.20.160.98 in /etc/hosts file

/etc/nsswitch.conf
hosts: files nisplus dns

PFA:document for your ref

Zubair Ahmed.

Muthukumar_5 · ‎06-24-2004

hai,

Your SQUID is running on 3128 and getting dns entries from 192.20.160.3 machine successfully. There is no problem in the squid side.

Edit the /etc/hosts file on squid machine with

Check the ping from client 192.20.160.1 or 192.20.160.3 -255 to 192.20.160.98 (squid machine)

Use only one hosts: dns files nisplus entry on the /etc/nsswitch.conf

Attachment contains too many hosts: entry :)

Check with anyother browsers. Did you change in I.E as like,

tools --> internet options --> connections --> LAN settings --> proxy server --> 192.20.160.98 and 3128

Problem will be because of the network connection.

Regards,
Muthukumar.

Easy to suggest when don't know about the problem!