Search squid archive

RE: Squid not starting up after update to Fedora Core4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



That's right, it was one of the first things I disabled.  I don't like things
running on my box that I know nothing about what they are doing.  Of course, I
intend to find out what selinux does and re-enable it once everything else is
settled.

However, I now have to announce, with egg on my face, that is was the firewall
causing the problems.  Not sure why it worked before, but I now have to punch a
hole from the LAN side into firewall going to port 3128.  Of course, FC4 is
running a later version of iptables than I was using on RH7.1 as well.

Thanks for the help.

Best regards,
Vaughan

Mobile: 0412 122 362

-----Original Message-----
From: Gert Brits [mailto:gbrits@xxxxxxxxxxxxxxxxxx] 
Sent: Monday, June 27, 2005 8:47 PM
To: Vaughan@xxxxxxxxxxxx; 'Emilio Casbas'
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: RE:  Squid not starting up after update to Fedora Core4

SO I take it that when you disabled SELinux, it still did not work ?


Regards

Gert Brits
Senior Engineer
Technology Concepts
Tel +27 11 803 2169
Fax +27 11 803 2189
Web www.techconcepts.co.za 

-----Original Message-----
From: Vaughan Roberts [mailto:Vaughan@xxxxxxxxxxxx]
Sent: Monday, June 27, 2005 12:28 PM
To: 'Emilio Casbas'
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: RE:  Squid not starting up after update to Fedora
Core4


I have disabled selinux in /etc/selinux/conf so that it does not cause
additional problems. 

I am looking at installing ethereal to get some data to help identify
the problem.

Best regards,
Vaughan

Mobile: 0412 122 362

-----Original Message-----
From: Emilio Casbas [mailto:ecasbas@xxxxxxx] 
Sent: Monday, June 27, 2005 7:36 PM
To: Vaughan@xxxxxxxxxxxx
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  Squid not starting up after update to Fedora
Core4

Vaughan Roberts wrote:

>Hi,
>
>I have been using squid for about 4-5 months successfully on a RedHat
>7.1 box which acts as the nat router / firewall between the I-net and 
>my LAN.  A couple of days ago I decided to upgrade to Fedora Core4.  I 
>have now got most things working, but the browers on my LAN clients are

>not able to access web-sites.  I can ping the web-sites, but the
browers are
doing nothing.
>At first I thought it was a DNS problem, but tcpdump indicates that is
>working fine and if I use IP numbers for the web-sites they still don't
respond.
>I have copied over my squid.conf and iptables setting from 7.1 and
>successfully set up the cache directories but I am getting nothing in 
>access.log or store.log.
>
>Can anybody see what I am doing wrong, or knows of any utilities that
>could clarify what the issue is?
>
>Here is a decommented copy of the squid.conf file I am using. http_port

>3128 icp_port 0
>hierarchy_stoplist cgi-bin ?
>acl QUERY urlpath_regex cgi-bin \?
>no_cache deny QUERY
>cache_mem 32 MB
>cache_dir ufs /var/spool/squid 100 16 256 cache_access_log 
>/var/log/squid/access.log cache_log /var/log/squid/cache.log 
>cache_store_log /var/log/squid/store.log pid_filename 
>/var/run/squid.pid debug_options ALL,1 33,2 auth_param basic children 5

>auth_param basic realm Squid proxy-caching web server auth_param basic 
>credentialsttl 2 hours
>refresh_pattern ^ftp:		1440	20%	10080
>refresh_pattern ^gopher:	1440	0%	1440
>refresh_pattern .		0	20%	4320
>acl all src 0.0.0.0/0.0.0.0
>acl manager proto cache_object
>acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 
>127.0.0.0/255.0.0.0 acl SSL_ports port 443 563
>acl Safe_ports port 80		# http
>acl Safe_ports port 8080	# http #2
>acl Safe_ports port 21		# ftp
>acl Safe_ports port 443 563	# https, snews
>acl Safe_ports port 3128	# squid (is this needed, maybe as I
don't allow
>1025-65535 below)
>acl Safe_ports port 5050:5055	# bpalogin
>acl Safe_ports port 123		# ntp
>acl Safe_ports port 280		# http-mgmt
>acl CONNECT method CONNECT
>http_access allow manager localhost
>http_access deny manager
>http_access deny !Safe_ports
>http_access deny CONNECT !SSL_ports
>http_access deny to_localhost
>acl mylan src 192.168.1.0/255.255.255.224 http_access allow mylan 
>http_access allow localhost http_access deny all http_reply_access 
>allow all icp_access allow all cache_mgr root cache_effective_user 
>squid cache_effective_group squid httpd_accel_port 80 httpd_accel_host 
>virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on 
>memory_pools on memory_pools_limit 10 MB cachemgr_passwd disable all 
>coredump_dir /var/spool/squid
>
>
>Here is what is in my cache.log
>2005/06/26 21:12:28| Starting Squid Cache version 2.5.STABLE9 for 
>i386-redhat-linux-gnu... 2005/06/26 21:12:28| Process ID 7346
>2005/06/26 21:12:28| With 1024 file descriptors available
>2005/06/26 21:12:28| DNS Socket created at 0.0.0.0, port 32825, FD 5
>2005/06/26 21:12:28| Adding nameserver 127.0.0.1 from /etc/resolv.conf
>2005/06/26 21:12:28| Adding nameserver 144.140.70.16 from
/etc/resolv.conf
>2005/06/26 21:12:28| Adding nameserver 144.140.71.29 from
/etc/resolv.conf
>2005/06/26 21:12:28| Adding nameserver 144.140.70.15 from
/etc/resolv.conf
>2005/06/26 21:12:28| User-Agent logging is disabled.
>2005/06/26 21:12:28| Referer logging is disabled.
>2005/06/26 21:12:28| Unlinkd pipe opened on FD 10
>2005/06/26 21:12:28| Swap maxSize 102400 KB, estimated 7876 objects
>2005/06/26 21:12:28| Target number of buckets: 393
>2005/06/26 21:12:28| Using 8192 Store buckets
>2005/06/26 21:12:28| Max Mem  size: 32768 KB
>2005/06/26 21:12:28| Max Swap size: 102400 KB
>2005/06/26 21:12:28| Rebuilding storage in /var/spool/squid (CLEAN)
>2005/06/26 21:12:28| Using Least Load store dir selection
>2005/06/26 21:12:28| Set Current Directory to /var/spool/squid
>2005/06/26 21:12:28| Loaded Icons.
>2005/06/26 21:12:29| Accepting HTTP connections at 0.0.0.0, port 3128,
FD 12.
>2005/06/26 21:12:29| WCCP Disabled.
>2005/06/26 21:12:29| Ready to serve requests.
>2005/06/26 21:12:29| Done reading /var/spool/squid swaplog (0 entries)
>2005/06/26 21:12:29| Finished rebuilding storage from disk.
>2005/06/26 21:12:29|         0 Entries scanned
>2005/06/26 21:12:29|         0 Invalid entries.
>2005/06/26 21:12:29|         0 With invalid flags.
>2005/06/26 21:12:29|         0 Objects loaded.
>2005/06/26 21:12:29|         0 Objects expired.
>2005/06/26 21:12:29|         0 Objects cancelled.
>2005/06/26 21:12:29|         0 Duplicate URLs purged.
>2005/06/26 21:12:29|         0 Swapfile clashes avoided.
>2005/06/26 21:12:29|   Took 0.3 seconds (   0.0 objects/sec).
>2005/06/26 21:12:29| Beginning Validation Procedure
>2005/06/26 21:12:29|   Completed Validation Procedure
>2005/06/26 21:12:29|   Validated 0 Entries
>2005/06/26 21:12:29|   store_swap_size = 0k
>2005/06/26 21:12:30| storeLateRelease: released 0 objects
>
>Best regards,
>Vaughan
>
>Mobile: 0412 122 362
>
>
>
>  
>
Maybe does SElinux active in the new server FC4.?

Emilio C.







[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux