Hi Amos,
Thanks again for your reply, I have tried these two links, I have used them
for one server at a time, or maybe the issue is that I was trying to access
the backend Server which is currently running in virtualhost mode and holds
the 3 websites.
As I said before I have completely uninstalled the previous Squid, I
reinstalled it again this time, configured it and compiled it (manually)
I had some issues with permissions, first the cache logs and then the swap
file directory but it's all sorted.
Now when ever I start Squid with
Squid -NCd 10
I check if everything is running ok, so I get this warning:
ClientParseRequestMethod: Unsupported method attempted by : 111.118.144.225
This is not a bug. see Squid.conf extension methods
ClientProcess Invalid Request.
Let me just point out that first I have no idea where this IP originate
from, I tried Dnsstuff to figure out where it's coming from, I am not sure
if it's a Google crawler or someone else, the information wasn't clear.
But it's definitely not one of my IPs
Second, the proxy at the moment is behind a router and is not connected to
any of "Local" clients yet, I wanted to run it first before I can connect it
as a "Proxy-Router"
How can I prevent this from accessing it because it's persisting connection
it will soon cripple the server.
Does anyone know who owns this IP address please? 111.118.144.225
All I got as info is this
Location: Cambodia [City: Phnom Penh, Phnum Penh]Maybe I need to block their
IP if I can.At the moment the proxy server is set as a standalone machine
connected through a router so I can't understand why is it gettingthese
requests, from outside.Any ideas please?RegardsAdam----- Original
Message -----
From: "Amos Jeffries" <squid3@xxxxxxxxxxxxx>
To: <squid-users@xxxxxxxxxxxxxxx>
Sent: Friday, March 19, 2010 2:53 PM
Subject: Re: Squid3 issues
Adam@Gmail wrote:
Hi Amos,
Thanks for your comments, All I was doing is hit reply, this is the very
first time ever I used any mailing list
It doesn't matter anymore, I am sorry if I offended anyone, it was not my
intention, when I get an email I simply hit reply
I will try and solve my problems, and if I do get it to work I will
certainly post the solution for future users who might face the same
problem
As for now, I just want to thank you all
I have previously installed an older version of Squid compiled it
manually it wasn't the one packaged with the OS (Ubuntu hardy)
after few days trying to get it to work, I mean as a reverse proxy, with
no luck, I removed it, tried the version 3.0 the one that was packaged
with the Os, I got as far as allowing clients on my network to have
access to the internet and most of other applications on windows XP
couldn't connect.
Windows apps sadly often have to be individually configured for the proxy.
A lot are not able to use proxies at all.
For the MS software on WindowsXP, set the IE "Internet Options" then at
the command line running "proxycfg -u".
That proxycfg -u seems trivial, but it is seriously important for Windows
XP or a lot of HTTP service stuff in the background will not work even
with IE set correctly.
Also worth noting is that proxy auto-detect is not done by several of the
back-end libraries either. Including windows update :(
anyway this time around I have downloaded it again configured it compiled
it and installed it, it's not starting but this is a minor problem, it's
a permission issue rather than anything else.
I just want to say, thank you all, If I do get it to work I will post the
solution as promised if not that means I have moved on and no longer
using Squid3.
I will break it down for others to see and it will hopefully help others:
Here it is:
1) Machine A Proxy-Router
2) Machine DSN DHCP
3) Web-server One www.example.com
4) Web-server Two www.example.org
5) Web-server Three www.example.net
6) IRC-server / Digichat server
Plus 5 Windows clients
I wanted a proxy server in the for two good reasons, one is for
loadbalancing and second for an extra layer of security
Currently I have all of the three websites above running on a single
machine on a virtualhosts, but it's too much for one machine to handle
all the requests.
I always wanted to use a proxy server but I was putting it off.
a) I knew it was going to be a challenge
b) I was trying to get sometime off in order to do it properly
Basically all I wanted for now is to forward all requests to the relevant
backend servers, to which I knew it was going to be a challenge
The "IRC-server / Digichat server" may not be proxy-able at all through
Squid. It depends if they use HTTP services, or if they are accessible via
HTTP.
For the reverse proxying of your websites:
pick one of the web servers to start with and this is the wiki article
you need for that website:
http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
Note, the config settings must be going in above all the default
http_access lines currently in your config. The default http_access are
for forward-proxy and will block external access.
Then when thats tested and working, this config describes what to add to
the above to get multiple websites from multiple servers:
http://wiki.squid-cache.org/ConfigExamples/Reverse/MultipleWebservers
At this point or even with just one server setup you may hit the FD
overload problem again.
Why: Squid uses 2-3 FD for every request (client, cache file, and maybe
server connections) and clients like making 4-16 requests in parallel each
these days and make them is persistent for many minutes at a stretch. FD
run out fast.
For reverse-proxies on a fairly used site it may be a good idea to have
many FD available to Squid (64K or even 128K has been cited a needed).
Amos
--
Please be using
Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
Current Beta Squid 3.1.0.18
