Search squid archive

Re: Upgrade of SQUID from 3.1 to 3.2 on Freebsd 8.3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Eliezer Croitoru skrev 2012-11-22 15:19:

Next time just clean the file first to make it more readable:
use the command cat squid.conf|sed 's/^[ \t]*//'|sed 's/^#.*//'|sed '/^$/d'

##start
http_port 127.0.0.1:8080 intercept
http_port 172.18.0.1:8080 intercept
hierarchy_stoplist cgi-bin ? php asp
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 MB
maximum_object_size 100 MB
cache_dir ufs /usr/local/squid/cache 1024 16 256
cache_store_log none
access_log /usr/local/squid/logs/access.log squid
logfile_rotate 2
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern (cgi-bin|\?)    0       0%      0
refresh_pattern .               0       20%     4320
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
#acl localnet src 172.18.0.1-172.18.0.254
#try to change this into
acl localnet src 172.18.0.0/24

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 591         # filemaker
acl CONNECT method CONNECT
acl PURGE method PURGE
http_access allow manager localhost
http_access deny manager
http_access allow PURGE localhost
http_access deny PURGE
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access deny all
icp_access allow localnet
icp_access deny all
#remove these if you want to remove something
visible_hostname ZZZZ
cache_mgr YYY
buffered_logs on
coredump_dir /usr/local/squid/cache
##end

it seems to me like forward proxy and the only reason I can think of to
not work is:
Missing credentials related settings.
With the current config file squid only allows users with specific SRC
ip which are only localhost\127.0.0.1/8 and a range of 172.18.0.0/24/
Also you didnt posted the access.log output for the request but it seem
like you have one missing ACL.

What are the IPFW rules for interception?

Eliezer



I'll remember to clean the file next time.
I've got the access.log. It's quite a large file and there are no timestamps so that I could clean it and post the relevant information. 

How should I do?

Thanks

/Leslie
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux