Pretty sure you need to allow items to be cached in addition to http_allow, like this: cache allow <aclname> cache deny all That's what I use in mine. -----Original Message----- From: Henry Yuan [mailto:forwardmy@xxxxxxxxx] Sent: Tuesday, April 19, 2011 2:46 PM To: squid-users@xxxxxxxxxxxxxxx Subject: Re: Squid didn't cache, but forwarding did work Does anyone have some suggestions/hints? I have been trying this entire morning.. On Mon, Apr 18, 2011 at 11:20 PM, Henry Yuan <forwardmy@xxxxxxxxx> wrote: > Hi, > > I got my squid running, and it's forwarding packets to the server on > behalf of its clients. But it seems that squid didn't cache any > content as the access log only showed TCP_MISS. > > Is there something wrong with my configuration file? Thank you in advance. > > Experiment Setup > ========================================================= > Client (192.168.6.81) curl -x 192.168.6.17:8080 > http://192.168.6.33:8080/index.html > Squid(192.168.6.17) squid.conf and access.log file content are > included in this message > Server(192.168.6.33) Runs a simple web server program. > > > squid.conf: > ========================================================= > # > # Recommended minimum configuration: > # > acl manager proto cache_object > acl localhost src 127.0.0.1/32 ::1 > acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 > > # Example rule allowing access from your local networks. > # Adapt to list your (internal) IP networks from where browsing # > should be allowed acl localnet src 10.0.0.0/8 # RFC1918 possible > internal network acl localnet src 172.16.0.0/12 # RFC1918 possible > internal network acl localnet src 192.168.0.0/16 # RFC1918 possible > internal network acl localnet src fc00::/7 # RFC 4193 local > private network range acl localnet src fe80::/10 # RFC 4291 > link-local (directly > plugged) machines > > acl SSL_ports port 443 > acl Safe_ports port 8080 # http acl Safe_ports port 21 > # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 > # gopher acl Safe_ports port 210 # wais acl Safe_ports port > 1025-65535 # unregistered ports acl Safe_ports port 280 # > http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports > port 591 # filemaker acl Safe_ports port 777 # > multiling http acl CONNECT method CONNECT > > # > # Recommended minimum Access Permission configuration: > # > # Only allow cachemgr access from localhost http_access allow manager > localhost http_access deny manager > > # Deny requests to certain unsafe ports http_access deny !Safe_ports > > # Deny CONNECT to other than secure SSL ports http_access deny CONNECT > !SSL_ports > > # We strongly recommend the following be uncommented to protect > innocent # web applications running on the proxy server who think the > only # one who can access services on "localhost" is a local user > #http_access deny to_localhost > > # > # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # > > # Example rule allowing access from your local networks. > # Adapt localnet in the ACL section to list your (internal) IP > networks # from where browsing should be allowed http_access allow > localnet http_access allow localhost > > # And finally deny all other access to this proxy http_access deny all > > # Squid normally listens to port 3128 > #http_port 3128 transparent > http_port 192.168.6.17:8080 > > # We recommend you to use at least the following line. > hierarchy_stoplist cgi-bin ? > > # Uncomment and adjust the following to add a disk cache directory. > cache_dir ufs /users/user/squid/var/cache 100 16 256 > > # Leave coredumps in the first cache dir coredump_dir > /users/user/squid/var/cache > > # Add any of your own refresh_pattern entries above these. > refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern > ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) > 0 0% 0 refresh_pattern . 0 20% 4320 > > > access.log > ========================================================= > > 1303185668.737 2 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185670.168 1 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185671.600 1 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185698.319 1 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185844.995 2 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185850.810 1 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185853.930 1 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185858.533 100 192.168.6.81 TCP_MISS/503 3706 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > 1303185864.161 1 192.168.6.81 TCP_MISS/200 238 GET > http://192.168.6.33:8080/index.html - DIRECT/192.168.6.33 text/html > > > > Thanks, > Henry >
