Search squid archive

Re: Help with accelerated site

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Amos,
Thanks for your reply and suggestion

I have just done what you suggested and I still couldn't access the internet from my local network
I completely removed "our_network" and the relevant http_access  etc..
But couldn't access the internet



After that I did the following

added and http_port 8080
to the config and up my clients could access the internet and I can still access my backend server from the internet
So normally everything is working fine

I am not sure it's being wise to make squid listen on more than one port, I'll keep a closer eye on it and see what will happen in the next day or two. Anyway this for the benefit of anybody who find themselves in the same or similar situation if you're forced to use http_port 3128 vhost (in order to access your sites from outside i.e Internet)
This is if your sites are on the same webserver on a virtual host

you can use the following
http_port 3128 vhost
http_port 8080 or whatever you want to use for your clients and then simply configure your clients to use that port


I just want to thank everyone here who tried to help

Best regards
Adam
----- Original Message ----- From: "Amos Jeffries" <squid3@xxxxxxxxxxxxx>
To: <squid-users@xxxxxxxxxxxxxxx>
Sent: Monday, March 29, 2010 12:12 AM
Subject: Re:  Help with accelerated site


On Sun, 28 Mar 2010 23:37:38 +0100, "Adam@Gmail" <adbasque@xxxxxxxxxxxxxx>
wrote:
Hi Ron thanks again for your reply
No I think you're a little confused here
I have one network at the moment and is the 192.168.1.0

My Router and proxy are both on the same machine which is 192.168.1.4
My backend server is on 192.168.1.3
Two different machines but on the same network

However if I use this

http_port 80 accel vhost defaultsite=www.mysite.org
 cache_peer 192.168.1.3 parent 81 originserver name=whatever
But the probleme is elsewhere because if I use
http_port 3128 vhost I can access my website both from inside my network
and
from the internet
If I use
http_port 3128 without the vhost my network clients can access the
"Internet" but I can't access my websites (backend server)
This is the situation right now.

Right. Okay. STOP touching the reverse-proxy parts of the config.
You have them working.

"http_port 3128" should stay with no other special flags.


In the config you posted earlier you had these lines:

acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl our_network 192.168.1.0/24

http_access allow manager localhost
http_access deny manager

http_access allow localnet
http_access deny all

http_access allow our_network
http_access deny all


If you read them top to bottom the way Squid reads them you will clearly
see that you have a "deny all" right in the middle. This does exactly what
it says denies ALL access to things which are not permitted above it.

You need to remove the "our_network" ACL completely and adjust the
"localnet" ACL as per the default config instructions so that it only
specifies your internal LAN IP address range(s).

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux