0

hey friends
can any one tell me how to setup squid server (proxy server) in linux (fedora core 3) in the minimam steps required. i tryed installing and setup but dont know where is the problema nad what is the actual procdure for i have also red from www.squid.org but all is not good . every time i start squid servece is says failed can any one tell me from th ebegning how to setup proxy server for my lab and my server on which i wanted to start squid server is 192.168.200.1/255.255.255.0 and i wanted to give acess to all comps from 192.168.0.1-192.168.0.255/255.255.255.0
thanks in advance

4
Contributors
9
Replies
11
Views
12 Years
Discussion Span
Last Post by DMR
0

your /etc/squid/squid.conf is probably misconfigured and
at a minimum should contain:

1] add your domain to the acl (access control lists) below the default entry
"acl CONNECT method CONNECT" line like so: [use the CIDR instead of the subnetmask]
(remember allow first then deny last)

acl yourdomainshortname src 192.168.0.0/24
acl yourdomainshortname src .yourdomain.com

you should be able to use this to refer to later in the file now...

2] search further down in the file for the line that looks like:
"INSERT YOUR OWN RULES HERE" add the following line under the
localhost rule: (refer to the items in 1] above)

http_access allow yourdomainshortname


restart squid
I believe that squid uses port 3128 by default.
to test this you can configure a browser and point it at your proxy server

troubleshooting: [do this on the proxy server]

'tail -f /var/log/messages' in a seperate bash window while restarting squid
'tail -f /var/log/squid/access.log' in a seperate bash window while
attempting connections to the proxy server. watch the output for
success & failure.

double check iptables to ensure that it isnt running a conflicting firewall
'service iptables status' if iptables is running
you can temporarily disable it and restart squid and then test again:
'service iptables stop'
In the long run you should probably configure iptables to allow, deny,
drop and log traffic as appropriate for the given ports/services that you require.

ensure that /etc/hosts is setup correctly and there are seperate entries
for localhost and your system like so:

127.0.0.1 localhost localhost.localdomain
192.168.0.x proxyserver proxyserver.yourdomain.com wwx.youretcdomain.com

/etc/hosts.allow & /etc/hosts.deny can also present conflicts. ensure
that they dont.

you can also test a given port on the localhost with telnet to see if you
are allowed to connect at all:
'telnet localhost 3128' and see if you're even allowed to connect
run the following command to check a given port
'netstat -n | grep 3128' (or any other port)

make sure you can resolve yourself and other machines in dns by using
'dig' or nslookup' to avoid the obvious...

enjoy & happy troubleshooting..
Cain

0

your /etc/squid/squid.conf is probably misconfigured and
at a minimum should contain:

1] add your domain to the acl (access control lists) below the default entry
"acl CONNECT method CONNECT" line like so: [use the CIDR instead of the subnetmask]
(remember allow first then deny last)

acl yourdomainshortname src 192.168.0.0/24
acl yourdomainshortname src .yourdomain.com

you should be able to use this to refer to later in the file now...

2] search further down in the file for the line that looks like:
"INSERT YOUR OWN RULES HERE" add the following line under the
localhost rule: (refer to the items in 1] above)

http_access allow yourdomainshortname


restart squid
I believe that squid uses port 3128 by default.
to test this you can configure a browser and point it at your proxy server

troubleshooting: [do this on the proxy server]

'tail -f /var/log/messages' in a seperate bash window while restarting squid
'tail -f /var/log/squid/access.log' in a seperate bash window while
attempting connections to the proxy server. watch the output for
success & failure.

double check iptables to ensure that it isnt running a conflicting firewall
'service iptables status' if iptables is running
you can temporarily disable it and restart squid and then test again:
'service iptables stop'
In the long run you should probably configure iptables to allow, deny,
drop and log traffic as appropriate for the given ports/services that you require.

ensure that /etc/hosts is setup correctly and there are seperate entries
for localhost and your system like so:

127.0.0.1 localhost localhost.localdomain
192.168.0.x proxyserver proxyserver.yourdomain.com wwx.youretcdomain.com

/etc/hosts.allow & /etc/hosts.deny can also present conflicts. ensure
that they dont.

you can also test a given port on the localhost with telnet to see if you
are allowed to connect at all:
'telnet localhost 3128' and see if you're even allowed to connect
run the following command to check a given port
'netstat -n | grep 3128' (or any other port)

make sure you can resolve yourself and other machines in dns by using
'dig' or nslookup' to avoid the obvious...

enjoy & happy troubleshooting..
Cain

hey Cain
thanks for the solution
let me try this i dont feel there might be some problem if there whould be i will come back to u again :cheesy:
thanks once again

0

The tail command in Fedora/Redhat is fully capable of 'monitoring' multiple log files at the same time like so:

prompt%tail -f {filename1} {filename2} {filename3}

without the "{}" brackets. you will have to use full pathnames if log files
are in differing locations withi the filesystem. (I cant say for sure if this flies With SunOS or Solaris ased unix systems though.)

Tail will break up the current window into three even segments across the horisontal plane and post the results of the updates o the end of each file as the updates occur. No special tools required. Just basic command usage.


I digress, this is squid proxy thread. ;)

0

This appears to be a shameless plug as its hit two threads.. :mrgreen:

5 threads in total, actually. Care for a Spam sandwich? :cheesy:

0

Sir, can you send more about squid server setup because l am using the same stuff here.

l am in Ghana wast africa and l am using this to control the band width.

And l want to laern more about it.

Thanks.
Boat

The tail command in Fedora/Redhat is fully capable of 'monitoring' multiple log files at the same time like so:

prompt%tail -f {filename1} {filename2} {filename3}

without the "{}" brackets. you will have to use full pathnames if log files
are in differing locations withi the filesystem. (I cant say for sure if this flies With SunOS or Solaris ased unix systems though.)

Tail will break up the current window into three even segments across the horisontal plane and post the results of the updates o the end of each file as the updates occur. No special tools required. Just basic command usage.


I digress, this is squid proxy thread. ;)

0

Due to the fact that the member who originally started this thread has not responded in nearly one year, this thread is considered abandoned and has been closed.

In accordance with our posting rules, other members having similar questions or problems need to start their own threads and post their questions there.
In order to help us help you most quickly, please include as much information about your problem as possible in your posts.

If the member who originally started this thread wishes to have the thread reopened, please send your request, including a link to this thread, to one of our moderators via email or Private Message.

Thank you.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.