Hello Amos,
Thanks for your reply and suggestion
I have just done what you suggested and I still couldn't access the internet
from my local network
I completely removed "our_network" and the relevant http_access etc..
But couldn't access the internet
After that I did the following
added and http_port 8080
to the config and up my clients could access the internet and I can still
access my backend server from the internet
So normally everything is working fine
I am not sure it's being wise to make squid listen on more than one port,
I'll keep a closer eye on it and see what will happen in the next day or
two.
Anyway this for the benefit of anybody who find themselves in the same or
similar situation
if you're forced to use http_port 3128 vhost (in order to access your sites
from outside i.e Internet)
This is if your sites are on the same webserver on a virtual host
you can use the following
http_port 3128 vhost
http_port 8080 or whatever you want to use for your clients and then simply
configure your clients to use that port
I just want to thank everyone here who tried to help
Best regards
Adam
----- Original Message -----
From: "Amos Jeffries" <squid3@xxxxxxxxxxxxx>
To: <squid-users@xxxxxxxxxxxxxxx>
Sent: Monday, March 29, 2010 12:12 AM
Subject: Re: Help with accelerated site
On Sun, 28 Mar 2010 23:37:38 +0100, "Adam@Gmail" <adbasque@xxxxxxxxxxxxxx>
wrote:
Hi Ron thanks again for your reply
No I think you're a little confused here
I have one network at the moment and is the 192.168.1.0
My Router and proxy are both on the same machine which is 192.168.1.4
My backend server is on 192.168.1.3
Two different machines but on the same network
However if I use this
http_port 80 accel vhost defaultsite=www.mysite.org
cache_peer 192.168.1.3 parent 81 originserver name=whatever
But the probleme is elsewhere because if I use
http_port 3128 vhost I can access my website both from inside my network
and
from the internet
If I use
http_port 3128 without the vhost my network clients can access the
"Internet" but I can't access my websites (backend server)
This is the situation right now.
Right. Okay. STOP touching the reverse-proxy parts of the config.
You have them working.
"http_port 3128" should stay with no other special flags.
In the config you posted earlier you had these lines:
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl our_network 192.168.1.0/24
http_access allow manager localhost
http_access deny manager
http_access allow localnet
http_access deny all
http_access allow our_network
http_access deny all
If you read them top to bottom the way Squid reads them you will clearly
see that you have a "deny all" right in the middle. This does exactly what
it says denies ALL access to things which are not permitted above it.
You need to remove the "our_network" ACL completely and adjust the
"localnet" ACL as per the default config instructions so that it only
specifies your internal LAN IP address range(s).
Amos