Re: SSL Reverse Proxy to Support Multiple Web Site WITHOUT wildcard crt


Hello Amos, all,

Many thanks for taking a look at my config!

Comments inline (easier)

On Fri, 2010-09-17 at 23:17 +1200, Amos Jeffries wrote:
> On 17/09/10 19:32, Nikolaos Pavlidis wrote:
> > Hello Amos, all,
> >
> > Thank you for your response. As far as understanding what you mean I do
> > (that's something at least) but I fail to see how this will be syntaxed
> 
> Answers inline.
> 
> >
> > My config is as follows, please advise (this is not working of course):
> >
> > # NETWORK OPTIONS
> > # -----------------------------------------------------------------------------
> > http_port 80 accel defaultsite=www.domain.com vhost
> > https_port 443 cert=/etc/squid/uob/sid_domain.crt
> > key=/etc/squid/uob/sid_domain.key cafile=/etc/squid/uob/sid_domain.ca
> > defaultsite=sid.domain.com vhost
> >
> > https_port 443 cert=/etc/squid/uob/helpdesk_domain.crt
> > key=/etc/squid/uob/helpdesk_domain.key
> > cafile=/etc/squid/uob/helpdesk_domain.ca defaultsite=helpdesk.domain.com
> > vhost
> 
> The public-facing IP address is needed to open multiple same-numbered ports.
> 
> (wrapped for easy reading)
> 
> https_port 10.0.0.1:443 accel vhost defaultsite=sid.domain.com
>     cert=/etc/squid/uob/sid_domain.crt
>     key=/etc/squid/uob/sid_domain.key
>     cafile=/etc/squid/uob/sid_domain.ca
> 
> https_port 10.0.0.2:443 accel vhost defaultsite=helpdesk.domain.com
>     cert=/etc/squid/uob/helpdesk_domain.crt
>     key=/etc/squid/uob/helpdesk_domain.key
>     cafile=/etc/squid/uob/helpdesk_domain.ca
> 
> 
Unfortunately that did not work! If I define an IP address on the port
it just stops working for some reason! squid reloads with no errors but
access to the host times out.

> > visible_hostname www.domain.com
> > unique_hostname cache1.domain.com
> > offline_mode off
> > icp_port 3130
> > request_body_max_size 32 MB
> >
> > # OPTIONS WHICH AFFECT THE CACHE SIZE
> > # -----------------------------------------------------------------------------
> > cache_mem 4096 MB
> > maximum_object_size 8 MB
> > maximum_object_size_in_memory 256 KB
> >
> > # LOGFILE PATHNAMES AND CACHE DIRECTORIES
> > # -----------------------------------------------------------------------------
> > cache_dir aufs /var/cache/squid 61440 16 256
> > emulate_httpd_log on
> > logfile_rotate 100
> > logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st
> > "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
> > access_log /var/log/squid/access.log combined
> 
> Just for my interest how does forcing apache "common" format with 
> emulate_httpd_log mix with explicitly forcing a locally defined 
> "combined" format?
>   Which one do you expect to be used in the log?
> 
Good spot! DOH! :)

> > cache_log /var/log/squid/cache.log
> > cache_store_log /var/log/squid/store.log
> 
> Only if you need it. Otherwise:
>   cache_store_log none
> 
> > debug_options ALL,1,33,3,20,3
> 
> (space needed between each section,level option pair.)
> debug_options ALL,1 33,3 20,3
> 
Another good one!

> >
> > # OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
> > # -----------------------------------------------------------------------------
> > auth_param basic children 10
> > auth_param basic realm Squid proxy-caching web server
> > auth_param basic credentialsttl 2 hours
> > auth_param basic casesensitive off
> >
> > # OPTIONS FOR TUNING THE CACHE
> > # -----------------------------------------------------------------------------
> > refresh_pattern ^ftp: 1440 20% 10080
> > refresh_pattern ^gopher: 1440 0% 1440
> > refresh_pattern -i \.css 1440 50% 2880 override-expire
> > refresh_pattern -i \.swf 1440 50% 2880 ignore-reload override-expire
> 
> Missing:
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
> 
That is actually not suggested for our CMS at the moment :/

<snip>
The rest were spot on as usual and I applied all of them in the running
configuration.

Any suggestions on how to proceed with the SSL?
Many thanks in advance.

Kind regards,

Nik

-- 
Nikolaos Pavlidis BSc (Hons) MBCS NCLP CEH CHFI
Systems Administrator
University Of Bedfordshire
Park Square LU1 3JU
Luton, Beds, UK
Tel: +441582489277 (Ext 2277)
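A small lint for the two squid.conf mistakes discussed in this thread (an added example, not Squid code or the poster's configuration): it flags https_port lines that share a port without distinct bind addresses, since each address:port can present only one certificate, and debug_options lines whose section,level pairs are not space-separated. The sample directives are constructed from the thread; recording a bare port as address '*' is this script's own convention.

```python
import re

# Constructed sample: the original directives, with the two pitfalls.
BROKEN_CONF = """\
http_port 80 accel defaultsite=www.domain.com vhost
https_port 443 cert=/etc/squid/uob/sid_domain.crt defaultsite=sid.domain.com vhost
https_port 443 cert=/etc/squid/uob/helpdesk_domain.crt defaultsite=helpdesk.domain.com vhost
debug_options ALL,1,33,3,20,3
"""

# Constructed sample: the corrected directives from the reply.
FIXED_CONF = """\
https_port 10.0.0.1:443 accel vhost defaultsite=sid.domain.com cert=/etc/squid/uob/sid_domain.crt
https_port 10.0.0.2:443 accel vhost defaultsite=helpdesk.domain.com cert=/etc/squid/uob/helpdesk_domain.crt
debug_options ALL,1 33,3 20,3
"""

def parse_listeners(conf):
    """Yield (directive, address, port, options) for http_port/https_port lines.
    A bare port binds every address; that is recorded here as address '*'."""
    for line in conf.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] not in ("http_port", "https_port"):
            continue
        addr, _, port = parts[1].rpartition(":")
        yield parts[0], addr or "*", port, parts[2:]

def find_port_conflicts(conf):
    """A listener presents one certificate per address:port, so two https_port
    lines on the same port must bind distinct addresses. Return clashing ports."""
    seen, conflicts = {}, set()
    for directive, addr, port, _ in parse_listeners(conf):
        if directive != "https_port":
            continue
        for prev in seen.setdefault(port, []):
            if "*" in (prev, addr) or prev == addr:
                conflicts.add(port)
        seen[port].append(addr)
    return sorted(conflicts)

def check_debug_options(conf):
    """Return debug_options lines whose tokens are not space-separated
    section,level pairs (e.g. 'ALL,1,33,3' instead of 'ALL,1 33,3')."""
    pair = re.compile(r"(ALL|\d+),\d+")
    return [line for line in conf.splitlines()
            if line.startswith("debug_options")
            and not all(pair.fullmatch(t) for t in line.split()[1:])]
```

Run `find_port_conflicts` and `check_debug_options` over a real squid.conf before reloading; an empty list from both means neither pitfall is present.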



