 |  |  |  |  |  |  |  |
how to setup squid server
 |
•
•
Join Date: Aug 2005
Posts: 74
Reputation: 
Solved Threads: 0
Junior Poster in Training
hey friends
can any one tell me how to setup squid server (proxy server) in linux (fedora core 3) in the minimam steps required. i tryed installing and setup but dont know where is the problema nad what is the actual procdure for i have also red from www.squid.org but all is not good . every time i start squid servece is says failed can any one tell me from th ebegning how to setup proxy server for my lab and my server on which i wanted to start squid server is 192.168.200.1/255.255.255.0 and i wanted to give acess to all comps from 192.168.0.1-192.168.0.255/255.255.255.0
thanks in advance
can any one tell me how to setup squid server (proxy server) in linux (fedora core 3) in the minimam steps required. i tryed installing and setup but dont know where is the problema nad what is the actual procdure for i have also red from www.squid.org but all is not good . every time i start squid servece is says failed can any one tell me from th ebegning how to setup proxy server for my lab and my server on which i wanted to start squid server is 192.168.200.1/255.255.255.0 and i wanted to give acess to all comps from 192.168.0.1-192.168.0.255/255.255.255.0
thanks in advance
•
•
Join Date: Aug 2004
Posts: 298
Reputation:
Solved Threads: 2
Posting Whiz in Training
your /etc/squid/squid.conf is probably misconfigured and
at a minimum should contain:
1] add your domain to the acl (access control lists) below the default entry
"acl CONNECT method CONNECT" line like so: [use the CIDR instead of the subnetmask]
(remember allow first then deny last)
acl yourdomainshortname src 192.168.0.0/24
acl yourdomainshortname src .yourdomain.com
you should be able to use this to refer to later in the file now...
2] search further down in the file for the line that looks like:
"INSERT YOUR OWN RULES HERE" add the following line under the
localhost rule: (refer to the items in 1] above)
http_access allow yourdomainshortname
restart squid
I believe that squid uses port 3128 by default.
to test this you can configure a browser and point it at your proxy server
troubleshooting: [do this on the proxy server]
'tail -f /var/log/messages' in a seperate bash window while restarting squid
'tail -f /var/log/squid/access.log' in a seperate bash window while
attempting connections to the proxy server. watch the output for
success & failure.
double check iptables to ensure that it isnt running a conflicting firewall
'service iptables status' if iptables is running
you can temporarily disable it and restart squid and then test again:
'service iptables stop'
In the long run you should probably configure iptables to allow, deny,
drop and log traffic as appropriate for the given ports/services that you require.
ensure that /etc/hosts is setup correctly and there are seperate entries
for localhost and your system like so:
127.0.0.1 localhost localhost.localdomain
192.168.0.x proxyserver proxyserver.yourdomain.com wwx.youretcdomain.com
/etc/hosts.allow & /etc/hosts.deny can also present conflicts. ensure
that they dont.
you can also test a given port on the localhost with telnet to see if you
are allowed to connect at all:
'telnet localhost 3128' and see if you're even allowed to connect
run the following command to check a given port
'netstat -n | grep 3128' (or any other port)
make sure you can resolve yourself and other machines in dns by using
'dig' or nslookup' to avoid the obvious...
enjoy & happy troubleshooting..
Cain
at a minimum should contain:
1] add your domain to the acl (access control lists) below the default entry
"acl CONNECT method CONNECT" line like so: [use the CIDR instead of the subnetmask]
(remember allow first then deny last)
acl yourdomainshortname src 192.168.0.0/24
acl yourdomainshortname src .yourdomain.com
you should be able to use this to refer to later in the file now...
2] search further down in the file for the line that looks like:
"INSERT YOUR OWN RULES HERE" add the following line under the
localhost rule: (refer to the items in 1] above)
http_access allow yourdomainshortname
restart squid
I believe that squid uses port 3128 by default.
to test this you can configure a browser and point it at your proxy server
troubleshooting: [do this on the proxy server]
'tail -f /var/log/messages' in a seperate bash window while restarting squid
'tail -f /var/log/squid/access.log' in a seperate bash window while
attempting connections to the proxy server. watch the output for
success & failure.
double check iptables to ensure that it isnt running a conflicting firewall
'service iptables status' if iptables is running
you can temporarily disable it and restart squid and then test again:
'service iptables stop'
In the long run you should probably configure iptables to allow, deny,
drop and log traffic as appropriate for the given ports/services that you require.
ensure that /etc/hosts is setup correctly and there are seperate entries
for localhost and your system like so:
127.0.0.1 localhost localhost.localdomain
192.168.0.x proxyserver proxyserver.yourdomain.com wwx.youretcdomain.com
/etc/hosts.allow & /etc/hosts.deny can also present conflicts. ensure
that they dont.
you can also test a given port on the localhost with telnet to see if you
are allowed to connect at all:
'telnet localhost 3128' and see if you're even allowed to connect
run the following command to check a given port
'netstat -n | grep 3128' (or any other port)
make sure you can resolve yourself and other machines in dns by using
'dig' or nslookup' to avoid the obvious...
enjoy & happy troubleshooting..
Cain
I used up all my money on you baby...
... and I want it BACK.
... and I want it BACK.
•
•
Join Date: Aug 2005
Posts: 74
Reputation:
Solved Threads: 0
Junior Poster in Training
•
•
•
•
Originally Posted by Cain
your /etc/squid/squid.conf is probably misconfigured and
at a minimum should contain:
1] add your domain to the acl (access control lists) below the default entry
"acl CONNECT method CONNECT" line like so: [use the CIDR instead of the subnetmask]
(remember allow first then deny last)
acl yourdomainshortname src 192.168.0.0/24
acl yourdomainshortname src .yourdomain.com
you should be able to use this to refer to later in the file now...
2] search further down in the file for the line that looks like:
"INSERT YOUR OWN RULES HERE" add the following line under the
localhost rule: (refer to the items in 1] above)
http_access allow yourdomainshortname
restart squid
I believe that squid uses port 3128 by default.
to test this you can configure a browser and point it at your proxy server
troubleshooting: [do this on the proxy server]
'tail -f /var/log/messages' in a seperate bash window while restarting squid
'tail -f /var/log/squid/access.log' in a seperate bash window while
attempting connections to the proxy server. watch the output for
success & failure.
double check iptables to ensure that it isnt running a conflicting firewall
'service iptables status' if iptables is running
you can temporarily disable it and restart squid and then test again:
'service iptables stop'
In the long run you should probably configure iptables to allow, deny,
drop and log traffic as appropriate for the given ports/services that you require.
ensure that /etc/hosts is setup correctly and there are seperate entries
for localhost and your system like so:
127.0.0.1 localhost localhost.localdomain
192.168.0.x proxyserver proxyserver.yourdomain.com wwx.youretcdomain.com
/etc/hosts.allow & /etc/hosts.deny can also present conflicts. ensure
that they dont.
you can also test a given port on the localhost with telnet to see if you
are allowed to connect at all:
'telnet localhost 3128' and see if you're even allowed to connect
run the following command to check a given port
'netstat -n | grep 3128' (or any other port)
make sure you can resolve yourself and other machines in dns by using
'dig' or nslookup' to avoid the obvious...
enjoy & happy troubleshooting..
Cain
hey Cain
thanks for the solution
let me try this i dont feel there might be some problem if there whould be i will come back to u again :cheesy:
thanks once again
•
•
Join Date: Aug 2004
Posts: 298
Reputation:
Solved Threads: 2
Posting Whiz in Training
The tail command in Fedora/Redhat is fully capable of 'monitoring' multiple log files at the same time like so:
prompt%tail -f {filename1} {filename2} {filename3}
without the "{}" brackets. you will have to use full pathnames if log files
are in differing locations withi the filesystem. (I cant say for sure if this flies With SunOS or Solaris ased unix systems though.)
Tail will break up the current window into three even segments across the horisontal plane and post the results of the updates o the end of each file as the updates occur. No special tools required. Just basic command usage.
I digress, this is squid proxy thread.
prompt%tail -f {filename1} {filename2} {filename3}
without the "{}" brackets. you will have to use full pathnames if log files
are in differing locations withi the filesystem. (I cant say for sure if this flies With SunOS or Solaris ased unix systems though.)
Tail will break up the current window into three even segments across the horisontal plane and post the results of the updates o the end of each file as the updates occur. No special tools required. Just basic command usage.
I digress, this is squid proxy thread.
I used up all my money on you baby...
... and I want it BACK.
... and I want it BACK.
•
•
Join Date: Aug 2004
Posts: 298
Reputation:
Solved Threads: 2
Posting Whiz in Training
•
•
•
•
Originally Posted by madanuuk
While starting the server, you can keep an eye on the log files using "tail -f"
If you want to monitor multiple log files at the same time, try using the following tool:
http://www.makelogic.com/tail/TailHome.htm
This appears to be a shameless plug as its hit two threads.. :mrgreen:
I used up all my money on you baby...
... and I want it BACK.
... and I want it BACK.
•
•
•
•
Originally Posted by Cain
This appears to be a shameless plug as its hit two threads.. :mrgreen:
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
•
•
Join Date: Aug 2004
Posts: 298
Reputation:
Solved Threads: 2
Posting Whiz in Training
yay!! spammich! haha :mrgreen:
I used up all my money on you baby...
... and I want it BACK.
... and I want it BACK.
Sir, can you send more about squid server setup because l am using the same stuff here.
l am in Ghana wast africa and l am using this to control the band width.
And l want to laern more about it.
Thanks.
Boat
l am in Ghana wast africa and l am using this to control the band width.
And l want to laern more about it.
Thanks.
Boat
•
•
•
•
Originally Posted by Cain
The tail command in Fedora/Redhat is fully capable of 'monitoring' multiple log files at the same time like so:
prompt%tail -f {filename1} {filename2} {filename3}
without the "{}" brackets. you will have to use full pathnames if log files
are in differing locations withi the filesystem. (I cant say for sure if this flies With SunOS or Solaris ased unix systems though.)
Tail will break up the current window into three even segments across the horisontal plane and post the results of the updates o the end of each file as the updates occur. No special tools required. Just basic command usage.
I digress, this is squid proxy thread.
A few Squid resources:
http://www.deckle.co.za/squid-users-guide/Main_Page
http://www.tldp.org/HOWTO/TransparentProxy.html
http://www.tldp.org/HOWTO/Bandwidth-...O/install.html
Also, remember that Google for Linux is your friend when it comes to finding Linux-related resources.
http://www.deckle.co.za/squid-users-guide/Main_Page
http://www.tldp.org/HOWTO/TransparentProxy.html
http://www.tldp.org/HOWTO/Bandwidth-...O/install.html
Also, remember that Google for Linux is your friend when it comes to finding Linux-related resources.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
Due to the fact that the member who originally started this thread has not responded in nearly one year, this thread is considered abandoned and has been closed.
In accordance with our posting rules, other members having similar questions or problems need to start their own threads and post their questions there.
In order to help us help you most quickly, please include as much information about your problem as possible in your posts.
If the member who originally started this thread wishes to have the thread reopened, please send your request, including a link to this thread, to one of our moderators via email or Private Message.
Thank you.
In accordance with our posting rules, other members having similar questions or problems need to start their own threads and post their questions there.
In order to help us help you most quickly, please include as much information about your problem as possible in your posts.
If the member who originally started this thread wishes to have the thread reopened, please send your request, including a link to this thread, to one of our moderators via email or Private Message.
Thank you.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
|
Other Threads in the *nix Software Forum
- Previous Thread: Redhat 9 bootup problem
- Next Thread: Volum control
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest *nix Software Posts
- Today's Posts
- Unanswered Threads
