Hai

I have the doubt and a problem using Squid.

1. Can we run the Squid proxy on the System Which is having only one Network Card.
2. Iam Already getting the internet from another proxy on my network now i want to make my PC to distribute this internet to another system of my internal network. (getting proxy from 192.8.100.34:80, My ip is 192.8.100.225, other system ip is 192.8.100.244)

configure the squid on 192.8.100.225 give the instructions.

Please give the information on these two issues

thank u all for sharing your knowledge with us

thank u

Hi Teluguswan ,

You can very well use the squid with one lan card

i think ur from andhra

Step 1 : edit: http port as default remote the #

Line no 53

Tag name : http port

Example : http_port 3128

Step 2: edit: cache memory as u want to keep

Line no 469

Tag name : cah_mem

Example : cache_mem 8 MB

And also line no 485&489

Ex : cache_swap_low 90
cache_swap_high 95


Step 4: remove the # in the maximum object size and keep as per requirement

Line no 501

TAG: maximum_object_size

Example : maximum_object_size 4096 KB

That is only 4 mb it wiil help for cache as per the if we want more ,then edit and increase the size .


Step 5: define cache dir by removing the # ,and also mention the size of the dierctory
Bye default it is 100 ,u can change as per requirements

Line no 666

Tag name : TAG: cache_dir
Example : cache_dir ufs /var/spool/squid 100 16 256

And also enable the the log file u want there

Thank u winxandlinx

did not work,

i created after the above changes one acl i.e

acl lan src 192.8.100.244

and also made the http_access i.e

http_access allow lan

But i dont understand where should i give the my parent proxy (192.8.100.34:80) from where iam getting the internet.

squid how understands that it is getting the internet from the local network or from the modem.

please clarify this for me

thank u

Here is a sample of my squid.conf file that runs as a transparent proxy server on an RHEL clone:
http://www.serversamples.com/view.php?sample=3

please give the information as mentioned on above my ip addresses this will be very helpful for me. I read more about the squid but i dont find the information that if iam connecting to the internet using phone what is the process and what is the process if iam getting through the lan and based on dynamic, static ipaddresses.

first please give the squid configuration on above ip addresses and the issue is above

Yes you can use squid to act as a proxy on a system with one network card only.

Your case:
Your existing proxy : 192.8.100.34:80 (It would be 8080 i think)
System at which we have to setup a new proxy : 192.8.100.225
Client/user is : 192.8.100.224

copy-paste the below mentioned configuations over to a new squid.conf.
-----------------------
http_port 8080
cache_peer 192.8.100.34 parent 8080 3130 no-query default no-digest
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 16 MB
maximum_object_size 8192 KB
cache_dir ufs /var/spool/squid 200 16 256
cache_store_log /var/log/squid/store.log
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl user src 192.8.100.224/255.255.255.255
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow user
http_access deny all
http_reply_access allow all
icp_access allow all
never_direct allow all
cache_effective_user squid
cache_effective_group squid
visible_hostname backup-proxy.com
unique_hostname backup-proxy.com
coredump_dir /var/spool/squid
-----------------------

The bold red line is the one who is doing the trick there; Basically we have asked this proxy of ours to use web-cache of our original proxy with cache peer option.
never_direct allow all; means, none of your requests should try to bypass the web-cache with this option in place.

The above mentioned configuration has been modified to fit to your network requirment, this will work.

If you have any further query, do ask.

I will try and inform u, Thank u for your brief information.

its very good as will do


Hey Thanks its working perfect now can u help me to configure the tool which will show the users action here in that

Hey Excellent It is working without any problem


Really thanks for this info

hi amitsharma_26,

i tried your squid script.i also want the same scenario,as teluguswan wanted. but unfortunately it's not working with
my squid. my parent squid is 192.168.1.20:3128 and my secondary squid is 192.168.2.20:3128. can you guide me in this please. when i put your squid script and resart i get the following error.
-------------------------------------------------------
# /etc/init.d/squid restart
Restarting proxy server: FATAL: getpwnam failed to find userid for effective user 'squid'
Squid Cache (Version 2.5.STABLE9): Terminated abnormally.
CPU Usage: 0.004 seconds = 0.003 user + 0.001 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 0
/etc/init.d/squid: line 184: 4207 Aborted start-stop-daemon --quiet --start --pidfile $PIDFILE --chuid $CHUID --exec $DAEMON -- $SQUID_ARGS </dev/null
------------------------------------------------------------

then i adjusted the squid.conf as below.
---------------------------------
#cache_effective_user squid
#cache_effective_group squid
----------------------------------

now the problem i am having is, it's not getting the websites as i request. i checked the access.log and found the following messages.
-----------------------------------------------------------
1159800035.706 60575 192.168.2.200 TCP_MISS/503 0 CONNECT talk.google.com:443 - DEFAULT_PARENT/192.168.1.20 -
1159800035.709 0 192.168.2.200 TCP_DENIED/403 1404 CONNECT talk.google.com:5222 - NONE/- text/html
1159800070.218 0 192.168.2.200 TCP_MISS/503 0 CONNECT talkx.l.google.com:443 - NONE/- -
1159800070.221 0 192.168.2.200 TCP_DENIED/403 1410 CONNECT talkx.l.google.com:5222 - NONE/- text/html
1159800074.238 240358 192.168.2.200 TCP_MISS/504 1412 GET http://www.google.com/ - NONE/- text/html
----------------------------------------------------------------

Are you sure that you are having in your secondary squid.conf

& make sure that you dont have any firewall blocking all this @ any of your boxes.

-------
p.s: (list of http status codes)
000 Used mostly with UDP traffic.
100 Continue
101 Switching Protocols
*102 Processing
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
*207 Multi Status
300 Multiple Choices
301 Moved Permanently
302 Moved Temporarily
303 See Other
304 Not Modified
305 Use Proxy
[307 Temporary Redirect]
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request URI Too Large
415 Unsupported Media Type
[416 Request Range Not Satisfiable]
[417 Expectation Failed]
*424 Locked
*424 Failed Dependency
*433 Unprocessable Entity
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported
*507 Insufficient Storage
600 Squid header parsing error