In trying to configure the squid.conf file to cache windows updates as per the wiki on this page here: http://wiki.squid-cache.org/SquidFaq/WindowsUpdate <http://wiki.squid-cache.org/SquidFaq/WindowsUpdate> I am having trouble getting squid to run. If I paste this code: > acl windowsupdate dstdomain windowsupdate.microsoft.com > acl windowsupdate dstdomain .update.microsoft.com > acl windowsupdate dstdomain download.windowsupdate.com > acl windowsupdate dstdomain redir.metaservices.microsoft.com > acl windowsupdate dstdomain images.metaservices.microsoft.com > acl windowsupdate dstdomain c.microsoft.com > acl windowsupdate dstdomain www.download.windowsupdate.com > acl windowsupdate dstdomain wustat.windows.com > acl windowsupdate dstdomain crl.microsoft.com > acl windowsupdate dstdomain sls.microsoft.com > acl windowsupdate dstdomain productactivation.one.microsoft.com > acl windowsupdate dstdomain ntservicepack.microsoft.com > > acl CONNECT method CONNECT > acl wuCONNECT dstdomain www.update.microsoft.com > acl wuCONNECT dstdomain sls.microsoft.com * > http_access allow CONNECT wuCONNECT localnet * > * > http_access allow windowsupdate localnet * . . . into my squid.conf file and save it. Squid will not restart properly. when I try to restart it i get this message: > stop: Unknown instance: > squid3 start/running, process 4374 If I run 'top' I don't see it running there either. The only way I can get the squid3 service to show that it stops and restarts (and to show running again when I type in 'top' ) is if the code that I have in bold above is commented out . . . That would be these lines: * > http_access allow CONNECT wuCONNECT localnet * > * > http_access allow windowsupdate localnet * Under the section labelled "*How do I stop Squid popping up the Authentication box for Windows Update?*" The first line before the code says: > Add the following to your squid.conf, assuming you have defined localnet > to mean your local clients. It 'MUST' be added near the top before any ACL > that require authentication. All I was doing was using the default ACL settings that come when Squid is installed, and I entered the code immediately after this default setting in the conf file: > # Recommended minimum configuration: > # > acl manager proto cache_object > acl localhost src 127.0.0.1/32 ::1 > acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 > > # Example rule allowing access from your local networks. > # Adapt to list your (internal) IP networks from where browsing > # should be allowed > #acl localnet src 10.0.0.0/8 # RFC1918 possible internal network > #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network > #acl localnet src 192.168.0.0/16 # RFC1918 possible internal network > #acl localnet src fc00::/7 # RFC 4193 local private network range > #acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) > machines > > acl SSL_ports port 443 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl CONNECT method CONNECT Do I have to "*defined localnet to mean your local clients*"? Right now the DHCP network is assigning ips in this range: 192.168.1.0/24 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/defined-localnet-to-mean-your-local-clients-tp4661726.html Sent from the Squid - Users mailing list archive at Nabble.com.
