That's right, it was one of the first things I disabled. I don't like things running on my box that I know nothing about what they are doing. Of course, I intend to find out what selinux does and re-enable it once everything else is settled. However, I now have to announce, with egg on my face, that is was the firewall causing the problems. Not sure why it worked before, but I now have to punch a hole from the LAN side into firewall going to port 3128. Of course, FC4 is running a later version of iptables than I was using on RH7.1 as well. Thanks for the help. Best regards, Vaughan Mobile: 0412 122 362 -----Original Message----- From: Gert Brits [mailto:gbrits@xxxxxxxxxxxxxxxxxx] Sent: Monday, June 27, 2005 8:47 PM To: Vaughan@xxxxxxxxxxxx; 'Emilio Casbas' Cc: squid-users@xxxxxxxxxxxxxxx Subject: RE: Squid not starting up after update to Fedora Core4 SO I take it that when you disabled SELinux, it still did not work ? Regards Gert Brits Senior Engineer Technology Concepts Tel +27 11 803 2169 Fax +27 11 803 2189 Web www.techconcepts.co.za -----Original Message----- From: Vaughan Roberts [mailto:Vaughan@xxxxxxxxxxxx] Sent: Monday, June 27, 2005 12:28 PM To: 'Emilio Casbas' Cc: squid-users@xxxxxxxxxxxxxxx Subject: RE: Squid not starting up after update to Fedora Core4 I have disabled selinux in /etc/selinux/conf so that it does not cause additional problems. I am looking at installing ethereal to get some data to help identify the problem. Best regards, Vaughan Mobile: 0412 122 362 -----Original Message----- From: Emilio Casbas [mailto:ecasbas@xxxxxxx] Sent: Monday, June 27, 2005 7:36 PM To: Vaughan@xxxxxxxxxxxx Cc: squid-users@xxxxxxxxxxxxxxx Subject: Re: Squid not starting up after update to Fedora Core4 Vaughan Roberts wrote: >Hi, > >I have been using squid for about 4-5 months successfully on a RedHat >7.1 box which acts as the nat router / firewall between the I-net and >my LAN. A couple of days ago I decided to upgrade to Fedora Core4. I >have now got most things working, but the browers on my LAN clients are >not able to access web-sites. I can ping the web-sites, but the browers are doing nothing. >At first I thought it was a DNS problem, but tcpdump indicates that is >working fine and if I use IP numbers for the web-sites they still don't respond. >I have copied over my squid.conf and iptables setting from 7.1 and >successfully set up the cache directories but I am getting nothing in >access.log or store.log. > >Can anybody see what I am doing wrong, or knows of any utilities that >could clarify what the issue is? > >Here is a decommented copy of the squid.conf file I am using. http_port >3128 icp_port 0 >hierarchy_stoplist cgi-bin ? >acl QUERY urlpath_regex cgi-bin \? >no_cache deny QUERY >cache_mem 32 MB >cache_dir ufs /var/spool/squid 100 16 256 cache_access_log >/var/log/squid/access.log cache_log /var/log/squid/cache.log >cache_store_log /var/log/squid/store.log pid_filename >/var/run/squid.pid debug_options ALL,1 33,2 auth_param basic children 5 >auth_param basic realm Squid proxy-caching web server auth_param basic >credentialsttl 2 hours >refresh_pattern ^ftp: 1440 20% 10080 >refresh_pattern ^gopher: 1440 0% 1440 >refresh_pattern . 0 20% 4320 >acl all src 0.0.0.0/0.0.0.0 >acl manager proto cache_object >acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst >127.0.0.0/255.0.0.0 acl SSL_ports port 443 563 >acl Safe_ports port 80 # http >acl Safe_ports port 8080 # http #2 >acl Safe_ports port 21 # ftp >acl Safe_ports port 443 563 # https, snews >acl Safe_ports port 3128 # squid (is this needed, maybe as I don't allow >1025-65535 below) >acl Safe_ports port 5050:5055 # bpalogin >acl Safe_ports port 123 # ntp >acl Safe_ports port 280 # http-mgmt >acl CONNECT method CONNECT >http_access allow manager localhost >http_access deny manager >http_access deny !Safe_ports >http_access deny CONNECT !SSL_ports >http_access deny to_localhost >acl mylan src 192.168.1.0/255.255.255.224 http_access allow mylan >http_access allow localhost http_access deny all http_reply_access >allow all icp_access allow all cache_mgr root cache_effective_user >squid cache_effective_group squid httpd_accel_port 80 httpd_accel_host >virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on >memory_pools on memory_pools_limit 10 MB cachemgr_passwd disable all >coredump_dir /var/spool/squid > > >Here is what is in my cache.log >2005/06/26 21:12:28| Starting Squid Cache version 2.5.STABLE9 for >i386-redhat-linux-gnu... 2005/06/26 21:12:28| Process ID 7346 >2005/06/26 21:12:28| With 1024 file descriptors available >2005/06/26 21:12:28| DNS Socket created at 0.0.0.0, port 32825, FD 5 >2005/06/26 21:12:28| Adding nameserver 127.0.0.1 from /etc/resolv.conf >2005/06/26 21:12:28| Adding nameserver 144.140.70.16 from /etc/resolv.conf >2005/06/26 21:12:28| Adding nameserver 144.140.71.29 from /etc/resolv.conf >2005/06/26 21:12:28| Adding nameserver 144.140.70.15 from /etc/resolv.conf >2005/06/26 21:12:28| User-Agent logging is disabled. >2005/06/26 21:12:28| Referer logging is disabled. >2005/06/26 21:12:28| Unlinkd pipe opened on FD 10 >2005/06/26 21:12:28| Swap maxSize 102400 KB, estimated 7876 objects >2005/06/26 21:12:28| Target number of buckets: 393 >2005/06/26 21:12:28| Using 8192 Store buckets >2005/06/26 21:12:28| Max Mem size: 32768 KB >2005/06/26 21:12:28| Max Swap size: 102400 KB >2005/06/26 21:12:28| Rebuilding storage in /var/spool/squid (CLEAN) >2005/06/26 21:12:28| Using Least Load store dir selection >2005/06/26 21:12:28| Set Current Directory to /var/spool/squid >2005/06/26 21:12:28| Loaded Icons. >2005/06/26 21:12:29| Accepting HTTP connections at 0.0.0.0, port 3128, FD 12. >2005/06/26 21:12:29| WCCP Disabled. >2005/06/26 21:12:29| Ready to serve requests. >2005/06/26 21:12:29| Done reading /var/spool/squid swaplog (0 entries) >2005/06/26 21:12:29| Finished rebuilding storage from disk. >2005/06/26 21:12:29| 0 Entries scanned >2005/06/26 21:12:29| 0 Invalid entries. >2005/06/26 21:12:29| 0 With invalid flags. >2005/06/26 21:12:29| 0 Objects loaded. >2005/06/26 21:12:29| 0 Objects expired. >2005/06/26 21:12:29| 0 Objects cancelled. >2005/06/26 21:12:29| 0 Duplicate URLs purged. >2005/06/26 21:12:29| 0 Swapfile clashes avoided. >2005/06/26 21:12:29| Took 0.3 seconds ( 0.0 objects/sec). >2005/06/26 21:12:29| Beginning Validation Procedure >2005/06/26 21:12:29| Completed Validation Procedure >2005/06/26 21:12:29| Validated 0 Entries >2005/06/26 21:12:29| store_swap_size = 0k >2005/06/26 21:12:30| storeLateRelease: released 0 objects > >Best regards, >Vaughan > >Mobile: 0412 122 362 > > > > > Maybe does SElinux active in the new server FC4.? Emilio C.