Re: [squid-users] First Time squid Config Problem from Amos Jeffries on 2007-11-01 (squid-users)

From: Amos Jeffries <squid3@dont-contact.us>
Date: Fri, 2 Nov 2007 11:01:10 +1300 (NZDT)

>
> Thanks alot Ill look into that asap.
> And well the Typo error are since I am building Squid on a Gentoo box
> without a Graphical Shell or a Webbrowser ;)
>
> Thanks again Ill look into that asap.
>
>
> Michael Alger-3 wrote:
>>
>> On Thu, Nov 01, 2007 at 03:06:38AM -0700, Robin-Vossen wrote:
>>> My /etc/squid/squid.conf file Is written by myself. And I think I
>>> made a mistake somewere since when I start Squid it crashes.
>>
>> Did you check the squid logs to see what the problem was? The cache
>> log is the one you'll be looking for. Since you didn't define a
>> value for it it'll use the default, which is most likely:
>>
>> /var/log/squid/cache.log
>>
>> You can configure it explicitly using this syntax in the squid
>> config:
>>
>> cache_log /var/log/squid/cache.log
>>
>> (on that subject, I'd also recommend making sure you have an
>> access_log configured as well)
>>
>>> #Squid Config
>>> #Used Doc http://www.visolve.com/squid/squid26/contents.php
>>>
>>> http_port 5629
>>> cache_mem 75 MB
>>> visable_hostname firegate
>>> cache_dir ufs /var/cache/squid 500 16 256
>>> offline_mode on
>>> maximun_object_size 102400 KB
>>> reload_into_ims on
>>> pipeline_prefetch on
>>>
>>> ##Define ACL
>>> acl WAN src 192.168.24.0/255.255.255.0
>>> acl LAN src 192.168.42.0/255.255.255.0
>>> acl all src 0.0.0.0/0.0.0.0
>>> acl busness_hours time M T W H F 8:30-18:00
>>> acl break_time time M T W H F 11:00-14:00
>>> acl BadSites dstdomain "/usr/local/etc/restricted-sites.squid"
>>> acl BadWords url_regex -i "/usr/local/etc/restricted-keywords.squid"
>>> acl BadFiles urlpath_regex -i "/usr/local/etc/restricted-files.squid"
>>> acl ftp proto FTP
>>> acl http proto HTTP
>>> acl ssl proto SSL
>>> acl ssh_port port 22 443 10000
>>> acl Admin-IP src "/usr/local/etc/Admin-IP.squid"
>>> acl Admin-MAC arp "/usr/local/etc/Admin-MAC.squid"
>>> acl User-IP src "/usr/local/etc/User-IP.squid"
>>> acl User-MAC arp "/usr/local/etc/User-MAC.squid"
>>>
>>> ##Laws
>>> allow ssh_ports LAN CONNECT
>>> deny !USer-IP !Admin-IP
>>> deny !User-MAC !Admin-MAC
>>> deny !break_time BadSites User-IP
>>> deny !break_time BadWords User-IP
>>> deny !break_time BadFiles User-IP
>>> allow User-IP business-hours
>>> deny all

Second problem is that all these need to indicate *which* type of access
they are allow/deny'ing.

is it http_access? (usually is, but you need to start the line by saying)

http://www.squid-cache.org/Versions/v2/2.6/cfgman/
is the authoritative config documentation.

Amos
Received on Thu Nov 01 2007 - 16:01:14 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:01 MST