Amos Jeffries-2 wrote: > > Henrique M. wrote: >> >> Amos Jeffries-2 wrote: >>> acl localhost src 192.168.2.5 # 192.168.2.5 Server IP, 192.168.2.1 >>> Modem >>> IP >>> >>> "localhost" is a special term used in networking to mean the IPs >>> 127.0.0.1 >>> and sometimes ::1 as well. When defining an ACL for 'public' squid box >>> IPs >>> its better to use a different name. The localnet definition covers the >>> same public IPs anyway so redefining it is not a help here. >>> >> >> So what do you suggest? Should I just erase this line or change it? > > Make it back to: > acl localhost src 127.0.0.1 > >> >> >> Amos Jeffries-2 wrote: >>> http_access allow all >>> >>> This opens the proxy to access from any source on the internet at all. >>> Zero inbound security. Not good for a long-term solution. I'd suggest >>> testing with that as a "deny all" to make sure we don't get a >>> false-success. >>> >> >> Will do that. How about the "icp_access"? What does this command do? >> Should >> I leave it "allow all"? > > Allows other machines which have your squid set as a cache_peer to send > ICP requests to you and get replies back. Current Squid default it off > for extra security. Unless you need it, do: icp_access deny all > >> >> >> joost.deheer wrote: >>> Define "doesn't work". Clients get an error? Won't start? Something >>> else? >>> >> >> Squid seems to starts, but clients can't browse the internet. They get >> the >> default error msg that the browser shows when it can't load the >> website. >> This actualy got me thinking if I am setting up the browser correctly? >> I'm >> typing the servers IP for the proxy address and "3128" for the proxy >> port, >> is that correct? > > I believe so yes. > * Make sure its set for HTTP, HTTPS, FTP, and Gopher but not SOCKS > proxy settings. (some may not be present). > > * Check the testing client machine can get to squid (ping or such). > Check the cache.log to see if Squid is failing or busy at the time you > are checking. > > * make sure that squid is actually running and opened port 3128. > "netstat -antup | grep 3128" or similar commands should say. > >> >> >> joost.deheer wrote: >>> You could also try to start the proxy with 'squid -N' to start squid as >>> a >>> console application instead of in daemon mode. The errors should then >>> appear on your screen. >>> >> >> How should I do that? I tried to start squid with "/etc/init.d/squid -N >> start" and "/etc/init.d/squid -N" but I didn't work. I end up finding >> out >> that I could check squid's status and for my surprise I got this message >> "* >> squid is not running.". So how do I start squid so it will show me the >> error msgs on screen? > > Just "squid -N -Y -d 1" shoudl work. If not find the path to *bin/squid > and run with the full file path/name. > Usually "locate bin/squid" says where squid actually is. > > Amos > -- > Please be using > Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14 > Current Beta Squid 3.1.0.7 > > Thanks a lot Amos, Squid is now working on server and on client machines. I figured that squid wasn't running because there were a few folders that were not available for squid to use (probably cache folders). This is actually something that I would like to understand. Does squid cache files and webpages automatically or do I have to add a few command lines to enable it? How about the about of memory RAM used by squid and the amount of disk available for cache? Do I have to set this up or not? If not what are the default values? -- View this message in context: http://www.nabble.com/Getting-error-msgs-when-trying-to-start-squid-tp22933693p23318899.html Sent from the Squid - Users mailing list archive at Nabble.com.
