Dave Coventry wrote:
I cannot get squid to work on Ubuntu 7.10.
I have a DHCP server (IP 192.168.60.254, named 'Base') set uo on the
Ubuntu box which is correctly allocating IPs in the range
192.168.60.100-192.168.60.199 on eth1.
I have eth0 connecting to my router/ADSL Modem and acquiring an IP through DHCP.
I have a laptop running XP (Home) connected to eth1 which reports the
following in response to 'ipconfig'
IP Address ..........192.168.60.199
Default Gateway....192.168.60.254
My Squid /etc/squid/squid.conf is as follows:
############### squid.conf #####################
http_port 3128 transparent
To operate transparent you need:
- squid built with --enable-linux-netfilter on ubuntu
- iptables setup with REDIRECT or DNAT properly
http_port 192.168.60:80 vhost vport=8080
So this is a webserver accelerator too?
Think about adding defaultsite= option to cope with the many broken web
clients that may be accessing your server.
This port is also the cause of your problem. You are running squid as a
non-privileged user. To access a special port <1024 you MUST run squid
as root and let it drop down to unprivileged by itself at the right times.
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl IQNetwork src 192.168.60.0/255.255.255.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow IQNetwork
This might be better after some initial CONNECT etc. protection.
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
icp_access allow all
cache_effective_user squid
cache_effective_group squid
visible_hostname Base
############ end of squid.conf ##################
My /var/log/squid/cache.log looks like this:
################ cache.log ##################
2008/01/04 20:13:48| Starting Squid Cache version 2.6.STABLE14 for
i386-debian-linux-gnu...
2008/01/04 20:13:48| Process ID 8698
2008/01/04 20:13:48| With 1024 file descriptors available
2008/01/04 20:13:48| Using epoll for the IO loop
2008/01/04 20:13:48| DNS Socket created at 0.0.0.0, port 32868, FD 6
2008/01/04 20:13:48| Adding nameserver 192.168.1.254 from /etc/resolv.conf
2008/01/04 20:13:48| User-Agent logging is disabled.
2008/01/04 20:13:48| Referer logging is disabled.
2008/01/04 20:13:48| Unlinkd pipe opened on FD 11
2008/01/04 20:13:48| Swap maxSize 102400 KB, estimated 7876 objects
2008/01/04 20:13:48| Target number of buckets: 393
2008/01/04 20:13:48| Using 8192 Store buckets
2008/01/04 20:13:48| Max Mem size: 8192 KB
2008/01/04 20:13:48| Max Swap size: 102400 KB
2008/01/04 20:13:48| Local cache digest enabled; rebuild/rewrite every
3600/3600 sec
2008/01/04 20:13:48| Rebuilding storage in /var/spool/squid (CLEAN)
2008/01/04 20:13:48| Using Least Load store dir selection
2008/01/04 20:13:48| Current Directory is /
2008/01/04 20:13:48| Loaded Icons.
2008/01/04 20:13:48| Accepting transparently proxied HTTP connections
at 0.0.0.0, port 3128, FD 13.
2008/01/04 20:13:48| commBind: Cannot bind socket FD 14 to
192.168.0.60:80: (99) Cannot assign requested address
2008/01/04 20:13:48| Accepting ICP messages at 0.0.0.0, port 3130, FD 14.
2008/01/04 20:13:48| HTCP Disabled.
2008/01/04 20:13:48| WCCP Disabled.
2008/01/04 20:13:48| Ready to serve requests.
2008/01/04 20:13:48| Done reading /var/spool/squid swaplog (0 entries)
2008/01/04 20:13:48| Finished rebuilding storage from disk.
2008/01/04 20:13:48| 0 Entries scanned
2008/01/04 20:13:48| 0 Invalid entries.
2008/01/04 20:13:48| 0 With invalid flags.
2008/01/04 20:13:48| 0 Objects loaded.
2008/01/04 20:13:48| 0 Objects expired.
2008/01/04 20:13:48| 0 Objects cancelled.
2008/01/04 20:13:48| 0 Duplicate URLs purged.
2008/01/04 20:13:48| 0 Swapfile clashes avoided.
2008/01/04 20:13:48| Took 0.3 seconds ( 0.0 objects/sec).
2008/01/04 20:13:48| Beginning Validation Procedure
2008/01/04 20:13:48| Completed Validation Procedure
2008/01/04 20:13:48| Validated 0 Entries
2008/01/04 20:13:48| store_swap_size = 0k
2008/01/04 20:13:49| storeLateRelease: released 0 objects
2008/01/04 21:09:28| Preparing for shutdown after 0 requests
2008/01/04 21:09:28| Waiting 30 seconds for active connections to finish
2008/01/04 21:09:28| FD 13 Closing HTTP connection
2008/01/04 21:09:28| Shutting down...
2008/01/04 21:09:28| FD 14 Closing ICP connection
2008/01/04 21:09:28| Closing unlinkd pipe on FD 11
2008/01/04 21:09:28| storeDirWriteCleanLogs: Starting...
2008/01/04 21:09:28| Finished. Wrote 0 entries.
2008/01/04 21:09:28| Took 0.0 seconds ( 0.0 entries/sec).
CPU Usage: 0.016 seconds = 0.008 user + 0.008 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
total space in arena: 2104 KB
Ordinary blocks: 2001 KB 8 blks
Small blocks: 0 KB 0 blks
Holding blocks: 240 KB 1 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 102 KB
Total in use: 2241 KB 96%
Total free: 102 KB 4%
2008/01/04 21:09:28| Squid Cache (Version 2.6.STABLE14): Exiting normally.
##############end of cache.log #################
My Laptop cannot access the Internet, it just says "Server not found"
I have turned my firewall off with 'iptables -F'
On the Ubuntu box (Base), it will connect but occasionally it too says
"Server not found", however this is usually resolved on clicking the
"Try Again" button.
Can anyone advise me?
--
Please use Squid 2.6STABLE17 or 3.0STABLE1.
There are serious security advisories out on all earlier releases.
