[squid-users] defined localnet to mean your local clients ???

From: HillTopsGM <emailgregagain_at_gmail.com>
Date: Thu, 22 Aug 2013 23:13:34 -0700 (PDT)

In trying to configure the squid.conf file to cache Windows updates as per
the wiki on this page here:

http://wiki.squid-cache.org/SquidFaq/WindowsUpdate

I am having trouble getting squid to run.
If I paste this code:

> acl windowsupdate dstdomain windowsupdate.microsoft.com
> acl windowsupdate dstdomain .update.microsoft.com
> acl windowsupdate dstdomain download.windowsupdate.com
> acl windowsupdate dstdomain redir.metaservices.microsoft.com
> acl windowsupdate dstdomain images.metaservices.microsoft.com
> acl windowsupdate dstdomain c.microsoft.com
> acl windowsupdate dstdomain www.download.windowsupdate.com
> acl windowsupdate dstdomain wustat.windows.com
> acl windowsupdate dstdomain crl.microsoft.com
> acl windowsupdate dstdomain sls.microsoft.com
> acl windowsupdate dstdomain productactivation.one.microsoft.com
> acl windowsupdate dstdomain ntservicepack.microsoft.com
>
> acl CONNECT method CONNECT
> acl wuCONNECT dstdomain www.update.microsoft.com
> acl wuCONNECT dstdomain sls.microsoft.com
> *http_access allow CONNECT wuCONNECT localnet*
>
> *http_access allow windowsupdate localnet*

. . . into my squid.conf file and save it, Squid will not restart properly.

When I try to restart it I get this message:

> stop: Unknown instance:
> squid3 start/running, process 4374

If I run 'top' I don't see it running there either.

The only way I can get the squid3 service to show that it stops and restarts
(and to show running again when I type in 'top') is if the code that I have
in bold above is commented out . . . That would be these lines:

> *http_access allow CONNECT wuCONNECT localnet*
>
> *http_access allow windowsupdate localnet*

Under the section labelled "*How do I stop Squid popping up the
Authentication box for Windows Update?*"

The first line before the code says:

> Add the following to your squid.conf, assuming you have defined localnet
> to mean your local clients. It 'MUST' be added near the top before any ACL
> that require authentication.

All I was doing was using the default ACL settings that come when Squid is
installed, and I entered the code immediately after this default setting in
the conf file:

> # Recommended minimum configuration:
> #
> acl manager proto cache_object
> acl localhost src 127.0.0.1/32 ::1
> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
>
> # Example rule allowing access from your local networks.
> # Adapt to list your (internal) IP networks from where browsing
> # should be allowed
> #acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
> #acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
> #acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
> #acl localnet src fc00::/7 # RFC 4193 local private network range
> #acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
>
> acl SSL_ports port 443
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 # https
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT

Do I have to "*defined localnet to mean your local clients*"?
Right now the DHCP network is assigning IPs in this range: 192.168.1.0/24

Received on Fri Aug 23 2013 - 06:14:16 MDT
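
An added example, not part of the original post or the Squid wiki: a small Python check that reports ACL names used in `*_access` rules before any uncommented `acl` line has defined them, run on a constructed excerpt of the configuration quoted above. The function names, the sample text and the treatment of `all` as the only predefined ACL are assumptions made for this illustration.

```python
# Assumption: only "all" is treated as predefined; some Squid releases predefine more names.
BUILTIN_ACLS = {"all"}


def strip_comment(line):
    """Drop everything from the first '#' (does not handle '#' inside quotes)."""
    return line.split("#", 1)[0].strip()


def undefined_acl_refs(conf_text):
    """Return (line_no, directive, acl_name) for each ACL used before it is defined."""
    defined = set(BUILTIN_ACLS)
    problems = []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        tokens = strip_comment(raw).split()
        if not tokens:
            continue  # blank line or a fully commented-out line such as "#acl localnet ..."
        if tokens[0] == "acl" and len(tokens) >= 3:
            defined.add(tokens[1])
        elif (tokens[0].endswith("_access") and len(tokens) >= 3
              and tokens[1] in ("allow", "deny")):
            for ref in tokens[2:]:
                name = ref.lstrip("!")  # "!name" negates an ACL but still references it
                if name not in defined:
                    problems.append((line_no, tokens[0], name))
    return problems


# Constructed excerpt: default localnet line still commented out, wiki rules pasted below it.
SAMPLE = """\
#acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl CONNECT method CONNECT
acl windowsupdate dstdomain download.windowsupdate.com
acl wuCONNECT dstdomain www.update.microsoft.com
http_access allow CONNECT wuCONNECT localnet
http_access allow windowsupdate localnet
"""

# Same excerpt with localnet defined for the DHCP range mentioned in the post.
FIXED = "acl localnet src 192.168.1.0/24\n" + SAMPLE

if __name__ == "__main__":
    for line_no, directive, name in undefined_acl_refs(SAMPLE):
        print(f"line {line_no}: {directive} references undefined ACL '{name}'")
    print("after defining localnet:", undefined_acl_refs(FIXED))
```

Squid's own `squid -k parse` remains the authoritative check of a configuration file before a restart.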
