Re: Fedora

[Amos Jeffries <squid3@xxxxxxxxxxxxx>]

Gustavo Lazarte wrote:
> The service is up but is not getting any content from the destination server. Is there a line I need to change to make it forward traffic to my target server?

What type of proxy are you trying to setup?
Your config is for a standard proxy.

Amos

> Thanks
>
>
> -----Original Message-----
> From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
> Sent: Tuesday, September 16, 2008 7:38 AM
> To: Gustavo Lazarte
> Cc: squid-users@xxxxxxxxxxxxxxx
> Subject: Re:  Fedora
>
> Gustavo Lazarte wrote:
> > I upgraded and now when I am trying to use my squid server to send traffic to the site 10.2.0.140 the squid server IP is 10.2.0.150. 
> >
> > I also get the Warning cannot write the log file Permission denied.
> >
> > Then I try the /usr/local/squid/sbin/squid I get cannot write cache.log
> > Permission denied. I use the user nobody for 
> > cache_effective_user
>
> Ah, well, you need to set read+write permission on the log file 
> directory squid is trying to use and the logs inside it.
>
> > /usr/local/squid/sbin/squid -z runs correctly
>
> Thats good. At least the storage area won't have more of these problems 
> when squid does start.
>
> Amos
>
> > Thanks
> >
> >
> >
> >
> > -----Original Message-----
> > From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] 
> > Sent: Saturday, September 13, 2008 11:39 AM
> > To: Gustavo Lazarte
> > Cc: squid-users@xxxxxxxxxxxxxxx
> > Subject: Re:  Fedora
> >
> > Gustavo Lazarte wrote:
> > > I got the service working. Now my old configuration from version 2.4 is not working on 3.0 Stable 2.
> > Please do not use 3.0.stable2 under any circumstances. It does not 
> > perform authentication in any meaningful manner.
> >
> > For you should use something 3.0.stable7+
> >
> > 3.0.stable9 is just out with the most current stability fixes..
> >
> > > In theory the traffic was coming from a load balancer and hit the Proxy server. The proxy server then will request 10.2.0.140 for the content.
> > >
> > > When I try to start the service with my old configuration is having problems with the following lines, is the syntax different?
> > >
> > > acl all src 0.0.0.0/0.0.0.0 ***warning***
> > > | acl manager proto cache_object
> > > | acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 
> > > | 127.0.0.0/8 acl ssl_ports ports 443 563 acl safe_port port 80 acl 
> > > | safe_port ....
> > > | acl connect method connect
> > > | acl mylan src 127.0.0.1 ***Fatal Error***
> > > | acl mysites 10.2.0.140 *** Fatal Error***
> > > | 
> > > | http_access allow manager localhost
> > > | http_access deny manager
> > > | http_access deny !safe_port
> > > | http_access deny to_localhost
> > > | http_access allow mysites
> > > | http_access deny all
> > > | 
> > > | http_reply_access allow MYLAN ***Fatal Error***
> > > | http_reply_access allow all
> > >
> > > Even with the default config I am not able to telnet to port 80 on the squid server.
> > Correct. If squid cannot read it's config it wont be able to start 
> > operating.
> >
> > Use a newer version, and please indicate what the warning messages are.
> > My informed guess is listed below
> >
> >   acl all src ...	
> > ** fully built-in now. no need to specify.
> >
> > acl mylan src 127.0.0.1
> >   ** weird, check that line for extra text or invisible binary 
> > characters. same for the other src one.
> >
> > http_reply_access allow MYLAN
> > http_reply_access allow all
> >
> > ** earlier failure of src ACL above may cause this
> > ** only the allow all is needed.
> >
> > Amos


--
Please use Squid 2.7.STABLE4 or 3.0.STABLE9