Hi, That is exactly the configuration I have. Fedora Server for 20 clients, firewall, chache. Internal static, external dinamic. I think you really changed a lot on squid.conf, should begin with standard configuration and change one thing at time. I won´t use macaddress as a parameter, in fact I use internal ip´s. Regards. --- Kumara Jayaweera <kumara.jayaweera@xxxxxxxxx> escribió: > Greetings! to all, > Please, look into my problem and help me. I am quite > a newbie squidish. > 1. my squid server is ready for serve requests. > 2. it is on a firewall too. > 3.WAN connection (DSL) from eth0 is with DHCP. but > my LAN connection is > (eth1) with static IP. > 4.client's access is given by MAC address, no other > authentication is > required. > 5. almost all the settings as per the default values > in squid.conf. (pls, > somebody figure me out what is unnecessary for me in > my squid.conf file > which I don't understand). > 6. I want Firewall+proxy+caching for my LAN of 20 > PCs. > 7. My problem is I can not connect IE clients to the > Squid server with my > settings (pls see, given below squid.conf file). > 8. Since I am a newbie, I hope your generous > assistance. > 9. Pls, see below for my squid.conf file and squid > -NCd1 command. > > [root@proxy ~]# /usr/local/squid/sbin/squid -NCd1 > 2005/07/30 17:56:57| Starting Squid Cache version > 2.5.STABLE10 for > i686-pc-linux -gnu... > 2005/07/30 17:56:57| Process ID 3901 > 2005/07/30 17:56:57| With 1024 file descriptors > available > 2005/07/30 17:56:57| Performing DNS Tests... > 2005/07/30 17:56:57| Successful DNS name lookup > tests... > 2005/07/30 17:56:57| DNS Socket created at 0.0.0.0, > port 32769, FD 4 > 2005/07/30 17:56:57| Adding nameserver 62.149.114.7 > from /etc/resolv.conf > 2005/07/30 17:56:57| Adding nameserver > 212.118.133.101 from /etc/resolv.conf > 2005/07/30 17:56:57| Unlinkd pipe opened on FD 9 > 2005/07/30 17:56:57| Swap maxSize 102400 KB, > estimated 7876 objects > 2005/07/30 17:56:57| Target number of buckets: 393 > 2005/07/30 17:56:57| Using 8192 Store buckets > 2005/07/30 17:56:57| Max Mem size: 32768 KB > 2005/07/30 17:56:57| Max Swap size: 102400 KB > 2005/07/30 17:56:57| Rebuilding storage in > /usr/local/squid/var/cache > (CLEAN) > 2005/07/30 17:56:57| Using Least Load store dir > selection > 2005/07/30 17:56:57| Set Current Directory to > /usr/local/squid/var/cache > 2005/07/30 17:56:57| Loaded Icons. > 2005/07/30 17:56:57| Accepting HTTP connections at > 0.0.0.0, port 3128, FD > 11. > 2005/07/30 17:56:57| Accepting ICP messages at > 0.0.0.0, port 3130, FD 12. > 2005/07/30 17:56:57| WCCP Disabled. > 2005/07/30 17:56:57| Ready to serve requests. > 2005/07/30 17:56:58| Done reading > /usr/local/squid/var/cache swaplog (0 > entries) > 2005/07/30 17:56:58| Finished rebuilding storage > from disk. > 2005/07/30 17:56:58| 0 Entries scanned > 2005/07/30 17:56:58| 0 Invalid entries. > 2005/07/30 17:56:58| 0 With invalid flags. > 2005/07/30 17:56:58| 0 Objects loaded. > 2005/07/30 17:56:58| 0 Objects expired. > 2005/07/30 17:56:58| 0 Objects cancelled. > 2005/07/30 17:56:58| 0 Duplicate URLs > purged. > 2005/07/30 17:56:58| 0 Swapfile clashes > avoided. > 2005/07/30 17:56:58| Took 0.8 seconds ( 0.0 > objects/sec). > 2005/07/30 17:56:58| Beginning Validation Procedure > 2005/07/30 17:56:58| Completed Validation > Procedure > 2005/07/30 17:56:58| Validated 0 Entries > 2005/07/30 17:56:58| store_swap_size = 0k > 2005/07/30 17:56:58| storeLateRelease: released 0 > objects > > *********************** > and my squid conf. file. > *********************** > http_port 3128 > icp_port 3130 > udp_incoming_address 0.0.0.0 > udp_outgoing_address 255.255.255.255 > icp_query_timeout 0 > maximum_icp_query_timeout 2000 > mcast_icp_query_timeout 3000 > dead_peer_timeout 10 seconds > hierarchy_stoplist cgi-bin ? > acl QUERY urlpath_regex cgi-bin \? > no_cache deny QUERY > cache_mem 32 MB > cache_swap_low 90 > cache_swap_high 95 > maximum_object_size 320010 KB > minimum_object_size 0 KB > maximum_object_size_in_memory 16 KB > ipcache_size 2048 > ipcache_low 90 > ipcache_high 95 > fqdncache_size 1024 > cache_replacement_policy lru > memory_replacement_policy lru > cache_dir ufs /usr/local/squid/var/cache 100 16 256 > cache_access_log > /usr/local/squid/var/logs/access.log > cache_log /usr/local/squid/var/logs/cache.log > cache_store_log /usr/local/squid/var/logs/store.log > emulate_httpd_log off > log_ip_on_direct on > mime_table /usr/local/squid/etc/mime.conf > log_mime_hdrs off > pid_filename /usr/local/squid/var/logs/squid.pid > debug_options ALL,1 > log_fqdn on > client_netmask 255.255.255.0 > ftp_list_width 32 > ftp_passive on > ftp_sanitycheck on > #ftp_telnet_protocol on > dns_retransmit_interval 5 seconds > dns_timeout 2 minutes > #defnames off > hosts_file /etc/hosts > diskd_program /usr/local/squid/libexec/diskd > unlinkd_program /usr/local/squid/libexec/unlinkd > redirect_children 5 > redirect_rewrites_host_header on > authenticate_cache_garbage_interval 1 hour > authenticate_ttl 1 hour > authenticate_ip_ttl 200 seconds > request_header_max_size 20 KB > request_body_max_size 0 KB > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern . 0 20% 4320 > quick_abort_min 16 KB > quick_abort_max 16 KB > quick_abort_pct 95 > negative_ttl 5 minutes > positive_dns_ttl 6 hours > negative_dns_ttl 1 minute > range_offset_limit 0 KB > forward_timeout 4 minutes > connect_timeout 1 minute > peer_connect_timeout 30 seconds > read_timeout 15 minutes > request_timeout 5 minutes > persistent_request_timeout 1 minute > client_lifetime 1 day > half_closed_clients off > pconn_timeout 120 seconds > ident_timeout 10 seconds > shutdown_lifetime 30 seconds > > # ACCESS CONTROLS > # > -------------------------------------------------------------------------- > --- > #Recommended minimum configuration: > acl all src 0.0.0.0/0.0.0.0 > #acl manager proto cache_object > #acl localhost src 127.0.0.1/255.255.255.255 > #acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 563 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 563 # https, snews > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT > #http_access deny all > #http_access allow manager localhost > #http_access deny manager > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > acl our_networks src 192.168.1.0/24 > #acl our_networks src 192.168.1.0/24 192.168.2.0/24 > (Ex: for future kumara) > http_access allow our_networks > http_access deny all > #http_reply_access allow all > #icp_access allow all > #miss_access allow all > === message truncated === __________________________________________________ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.espanol.yahoo.com/
