Henrique M. wrote:
Amos Jeffries-2 wrote:
acl localhost src 192.168.2.5 # 192.168.2.5 Server IP, 192.168.2.1 Modem
IP
"localhost" is a special term used in networking to mean the IPs 127.0.0.1
and sometimes ::1 as well. When defining an ACL for 'public' squid box IPs
its better to use a different name. The localnet definition covers the
same public IPs anyway so redefining it is not a help here.
So what do you suggest? Should I just erase this line or change it?
Make it back to:
acl localhost src 127.0.0.1
Amos Jeffries-2 wrote:
http_access allow all
This opens the proxy to access from any source on the internet at all.
Zero inbound security. Not good for a long-term solution. I'd suggest
testing with that as a "deny all" to make sure we don't get a
false-success.
Will do that. How about the "icp_access"? What does this command do? Should
I leave it "allow all"?
Allows other machines which have your squid set as a cache_peer to send
ICP requests to you and get replies back. Current Squid default it off
for extra security. Unless you need it, do: icp_access deny all
joost.deheer wrote:
Define "doesn't work". Clients get an error? Won't start? Something else?
Squid seems to starts, but clients can't browse the internet. They get the
default error msg that the browser shows when it can't load the website.
This actualy got me thinking if I am setting up the browser correctly? I'm
typing the servers IP for the proxy address and "3128" for the proxy port,
is that correct?
I believe so yes.
* Make sure its set for HTTP, HTTPS, FTP, and Gopher but not SOCKS
proxy settings. (some may not be present).
* Check the testing client machine can get to squid (ping or such).
Check the cache.log to see if Squid is failing or busy at the time you
are checking.
* make sure that squid is actually running and opened port 3128.
"netstat -antup | grep 3128" or similar commands should say.
joost.deheer wrote:
You could also try to start the proxy with 'squid -N' to start squid as a
console application instead of in daemon mode. The errors should then
appear on your screen.
How should I do that? I tried to start squid with "/etc/init.d/squid -N
start" and "/etc/init.d/squid -N" but I didn't work. I end up finding out
that I could check squid's status and for my surprise I got this message "*
squid is not running.". So how do I start squid so it will show me the
error msgs on screen?
Just "squid -N -Y -d 1" shoudl work. If not find the path to *bin/squid
and run with the full file path/name.
Usually "locate bin/squid" says where squid actually is.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7
