Kurt Buff wrote:
On Thu, Nov 12, 2009 at 16:49, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
The squidclient tool fits into the niche gap between telnet and lynx.
Allowing a simple input of the request URL and optional other details and
producing a dump of the results. It has no large dependencies.
To test through the proxy:
squidclient http://example.com/
To test without proxy:
squidclient -h example.com -p 80 /
I am unable to perform the test as described. I seem to have a
configuration issue in Squid, as I get the error output listed below
when trying issuing, for example, 'squidclient http://www.example.com'
- but 'squidclient -h example.com -p 80 /' works just fine. I'm not
sure what to change in squid.conf to fix this. The IP address of the
is in the 192.168.8.0/24 subnet, if that matters.
Ah, yes. You don't allow localhost access to the proxy.
In which case for you it is:
squidclient -h $PROXYIP http://example.com/
Kurt
<snip>
----------Begin Squid.conf-----------
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
cache_mem 1536 MB
cache_dir aufs /squid 54476 512 1024
logformat combined %>a %>A %<A [%tl] "%rm %ru HTTP/%rv" %Hs %<st
"%{Referer}>h" "%{User-Agent}>h" %Ss
access_log syslog combined
access_log /usr/local/squid/logs/access.log combined
logfile_rotate 90
acl QUERY urlpath_regex cgi-bin \?
# acl all src 0.0.0.0/0.0.0.0
acl our_networks src 10.0.0.0/8 192.168.8.0/24 192.168.10.0/24
192.168.11.0/24 192.168.12.0/24 192.168.13.0/24 192.168.15.0/24
192.168.24.0/24
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
localnet is the 3.x name for our_networks. You can use your
"our_networks" list and drop the other out of the config entirely.
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# Header_access lines below added to alleviate issue with downloading PDFs
# 2009-05-12
request_header_access Unless-Modified-Since deny all
request_header_access Translate deny all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow our_networks
http_access deny all
The above "http_access deny all" entry prevents all following
http_access lines from ever working.
http_reply_access allow all
http_access allow localnet
http_access deny all
Same again here on this one.
# MSN Messenger
acl msn urlpath_regex -i gateway.dll
acl msnd dstdomain messenger.msn.com gateway.messenger.hotmail.com
acl msn1 req_mime_type application/x-msn-messenger
http_access allow msnd
http_access allow msn
http_access allow msn1
icp_access allow localnet
icp_access deny all
htcp_access allow localnet
htcp_access deny all
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
Please use the pattern:
-i (/cgi-bin/|?)
refresh_pattern . 0 20% 4320
visible_hostname zsquid2.mycompany.com
icp_port 3130
coredump_dir /usr/local/squid/cache
----------End Squid.conf----------
Amos
--
Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE20
Current Beta Squid 3.1.0.14