hi, thanks, yes I did reboot. [root@dxb-squid34 ~]# cat /etc/squid/squid.conf ######################################################################### ######################################################################### ### ### MAIN v01-PROX ### ######################################################################### ######################################################################### # Listen Port http_port 8081 ######################################################################### ######################################################################### ### ### ACL DEFINITIONS ### ######################################################################### ######################################################################### #acl CONNECT method CONNECT #deny_info http://10.11.1.25/bannedfiles.php CONNECT acl allowfiles dstdomain "/etc/squid/local/good/files" http_access allow allowfiles acl allow50MBfiles urlpath_regex -i "/etc/squid/local/good/allow50MBfiles" http_access allow allow50MBfiles acl blockfiles urlpath_regex -i "/etc/squid/local/bad/blockfiles" deny_info http://10.11.1.25/bannedfiles.php blockfiles http_access deny blockfiles #acl blockhttps dstdomain -i "/etc/squid/local/bad/blockhttps" #deny_info http://10.11.1.25/bannedfiles.php blockhttps #http_access deny CONNECT blockhttps ######################################################################### acl AdminBoxes src 127.0.0.1 acl Purge method PURGE http_access allow AdminBoxes Purge http_access deny Purge ######################################################################### ######################################################################### ### ### ACL NETWORKS ### ######################################################################### ######################################################################### ######## acl polarcus-rd src 10.0.0.0/8 acl polarcus-rd-dst dst 10.0.0.0/8 acl polarcus-rd-dst dst x/22 acl polarcus-rd-v01 dst 10.x.0.0/16 acl survopt dst x/26 # Company Internal Sites acl dxb-rd src 10.x.0.0/14 acl sto-rd src 10.x.0.0/16 acl v01-rd src 10.x.0.0/16 acl v02-rd src 10.x.0.0/16 acl v03-rd src 10.x.0.0/16 acl v04-rd src 10.x.0.0/16 acl v05-rd src 10.x.0.0/16 acl v06-rd src 10.x.0.0/16 acl v07-rd src 10.x.0.0/16 acl v08-rd src 10.x.0.0/16 acl v2v-rd src x.16.64.0/22 # Current Site Specific ... # Misc #acl manager proto cache_object acl localhost src 10.11.1.29/32 acl to_localhost dst 10.11.1.29/32 # Safe ports acl SSL_ports port 443 21 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http # Connect Methods acl CONNECT method CONNECT # For FTP acl FTP proto FTP ######################################################################### ######################################################################### ### ### ACL RULES - ACCES DENIED / GRANTED ### ######################################################################### ######################################################################### # Only allow cachemgr access from localhost http_access allow manager #http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # Deny access to web services on localhost http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS ######### ... #http_access deny social-sites #http_access deny banned-sites # Finally deny all other access to this proxy http_access allow localhost http_access deny all ######################################################################### ######################################################################### ### ### OTHER TAGS ### ######################################################################### ######################################################################### # Make sure we only use the indirect client and not the X-Forwarded-For list acl_uses_indirect_client on delay_pool_uses_indirect_client on log_uses_indirect_client on # The following are needed only if your upstream proxy is using NTLM authentication #client_persistent_connections on #server_persistent_connections on #persistent_connection_after_error on ######################################################################### ######################################################################### ### ### UPSTREAM PROXY SETTINGS ### ######################################################################### ######################################################################### # Setup Peer (downstream proxy) #cache_peer sto-prox.plcs.local parent 8081 0 default no-query no-delay # Never allow requests directly to the Internet but allow local networks except these always_direct allow survopt always_direct allow x-rd-dst cache deny x-rd-dst #never_direct allow all always_direct allow all # Always direct for FTP always_direct allow FTP # How long before peer is considered DEAD #dead_peer_timeout 172800 seconds # Handle directly and do not query partner cache # hierarchy_stoplist cgi-bin ? ######################################################################### ######################################################################### ### ### MEMORY CACHE OPTIONS ### ######################################################################### ######################################################################### memory_pools off # Set highwateer in memory cache limit cache_mem 2 GB # Maximum size of cached objects in memory maximum_object_size_in_memory 500 KB # Set the Cache Replacement Policy. Either retain popular small files (GDSF) or just popular files regardless of size (LFUDA) # Default is LRU wich is recently referenced objects. memory_replacement_policy heap GDSF # Enable pre-allocated memory memory_pools_limit 1 GB ######################################################################### ######################################################################### ### ### DISK CACHE OPTIONS ### ######################################################################### ######################################################################### # Set the Cache Replacement Policy. Either retain popular small files (GDSF) or just popular files regardless of size (LFUDA) # Default is LRU wich is recently referenced objects. cache_replacement_policy heap LFUDA # Setup the cache dir cache_dir rock /cache1/squid 5000 max-size=3200 swap-timeout=300 max-swap-rate=100 cache_dir aufs /cache2/squid 67000 16 256 max-size=500000 cache_dir aufs /cache3/squid 67000 16 256 max-size=5000000 cache_dir aufs /cache4/squid 67000 16 256 max-size=100000000 # Max size of objects in cache #maximum_object_size 100000000 # Swap low and high watermarks cache_swap_low 90 cache_swap_high 95 ######################################################################### ######################################################################### ### ### LOGGING OPTIONS ### ######################################################################### ######################################################################### # Log files access_log /var/log/squid/access.log squid cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log # Log everything #log_access allow all # Don't strip query strip_query_terms off # Rotate Log files logfile_rotate 0 ######################################################################### ######################################################################### ### ### FTP OPTIONS ### ######################################################################### ######################################################################### # Setup anonymous FTP user # No passive FTP ftp_passive off ######################################################################### ######################################################################### ### ### CACHE TUNING ### ######################################################################### ######################################################################### # Don't cache the following acl QUERY urlpath_regex cgi-bin \? cache deny QUERY # How long is data, without explicit "expire by: date, considered fresh refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 ignore-no-cache ignore-reload refresh_pattern -i \.jpg$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.gif$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.png$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.gif$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.png$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.jpeg$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.bmp$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.tif$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.tiff$ 0 50% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.html$ 0 20% 1440 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.htm$ 0 20% 1440 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.shtml$ 0 20% 1440 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.shtm$ 0 20% 1440 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.nub$ 2880 80% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.css$ 2880 80% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.js$ 2880 80% 21600 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern \.asis$ 1440 50% 20160 refresh_pattern -i \.art$ 10080 80% 43200 refresh_pattern -i \.qtm$ 10080 80% 40320 reload-into-ims refresh_pattern -i \.viv$ 10080 80% 40320 reload-into-ims refresh_pattern -i \.pdf$ 10080 80% 40320 reload-into-ims refresh_pattern -i \.ico$ 10080 80% 40320 reload-into-ims refresh_pattern -i \.doc$ 10080 80% 40320 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.ppt$ 10080 80% 40320 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.tiff$ 10080 80% 40320 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.ram$ 10080 80% 40320 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.rm$ 10080 80% 40320 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.rpm$ 10080 80% 40320 override-expire override-lastmod reload-into-ims ignore-reload refresh_pattern -i \.txt$ 1440 80% 20160 reload-into-ims override-lastmod refresh_pattern -i \.arj$ 2880 80% 40320 refresh_pattern -i \.Z$ 10080 80% 40320 refresh_pattern ^ftp: 1440 50% 10080 refresh_pattern ^gopher: 1440 10% 1440 refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-no-store ignore-private refresh_pattern -i \.(deb|rpm|exe|zip|tar|tgz|ram|rar|bin|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-no-store ignore-private refresh_pattern . 0 40% 40320 # cache updates refresh_pattern -i .*microsoft\.com/.*\.(cab|exe|msi|msp) 259200 100% 259200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private refresh_pattern -i .*windowsupdate\.com/.*\.(cab|exe|msi|msp) 259200 100% 259200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private range_offset_limit 100 MB; refresh_pattern ([^.]+.|)java.com/.*\.(zip|exe) 43200 100% 43200 reload-into-ims refresh_pattern ([^.]+.|)adobe.com/.*\.(zip|exe) 43200 100% 43200 reload-into-ims refresh_pattern ([^.]+.|)(download|adcdownload).(apple.|)com/.*\.(pkg|dmg) 4320 100% 43200 reload-into-ims #Facebook Pages refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 129600 99% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|) 129600 99% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 129600 99% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 129600 99% 129600 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale #Facebook Games refresh_pattern /apps.facebook.com.*\/ 10080 99% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store store-stale refresh_pattern -i \.zynga.com.*\/ 10080 99% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale refresh_pattern -i \.farmville.com.*\/ 10080 99% 43200 ignore-reload override-expire ignore-no-cache ignore-no-store ignore-must-revalidate store-stale #All File refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 43200 99% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 43200 99% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 43200 99% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 43200 99% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 43200 99% 43200 ignore-no-cache ignore-no-store ignore-must-revalidate override-expire override-lastmod reload-into-ims store-stale refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 # We do NOT want files aborted to be continued to be downloaded quick_abort_min 0 KB quick_abort_max 0 KB #quick_abort_pct 100 # Read-a-head #read_ahead_gap 16 KB # Never fetch more than the client requests range_offset_limit 0 ######################################################################### ######################################################################### ### ### HTTP OPTIONS ### ######################################################################### ######################################################################### # Maximum size for HTTP headers in a request request_header_max_size 64 KB # Maximum size for HTTP headers in a reply reply_header_max_size 64 KB # Maximum size for an HTTP request body #request_body_max_size 100 MB # Maximum size for an HTTP reply body reply_body_max_size 50 MB allow50MBfiles reply_body_max_size 5 MB !allowfiles !allow50MBfiles # Remove Via header in requests via off # Fix buggy web servers #acl apache rep_header Server ^Apache #broken_vary_encoding allow apache # Hide originating IP forwarded_for off # Send hostname visible_hostname x.plcs.local ## AD-ZAPPER #redirect_program /etc/squid/squid_redirect ### LOG FQDN IN LOGS ### DNS OPTIONS negative_ttl 1 minute positive_dns_ttl 15 hour negative_dns_ttl 20 second dns_nameservers x ### VARIOUS OPTIMIZATIONS read_timeout 30 seconds request_timeout 30 seconds pconn_timeout 30 seconds half_closed_clients off shutdown_lifetime 10 seconds ### SPLIT TRAFFIC DEPENDING ON SOURCE ### MSN MESSENGER acl msnmime req_mime_type ^application/x-msn-messenger acl msnd dstdomain messenger.msn.com gateway.messenger.hotmail.com http_access allow msnmime http_access allow msnd redirect_program /usr/bin/squidGuard -c /etc/squid/squidguard-blacklists.conf redirect_children 100 redirector_bypass on cache_mgr x max_filedesc 4096 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-not-listening-on-any-port-tp4667004p4667390.html Sent from the Squid - Users mailing list archive at Nabble.com.
