LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Squid - Cache Manager (https://www.linuxquestions.org/questions/linux-networking-3/squid-cache-manager-250206/)

ScooterB 11-02-2004 09:52 AM
Squid - Cache Manager
 
Hello all, I am trying to get my squid up and running. I have done a basic configuration file and it is working. I only have one machine configured to use it right now because of testing. I would like to access the info from Webmin and look at the cache there. I am trying to access the cache manager part and it keeps asking me for a Managers name and password. I don't remember doing this during the setup part. I feel comfortable with the CLI so that isn't a problem. I have tried going through the O'Reilly manual to see where you set this up and it does mention it, but I guess I am too stupid to figure it out. Any help would be appreciated. TIA!!!:)

jeremy 11-02-2004 10:41 AM
Do you have any "acl manager" lines in your squid.conf? By default you should be able to just hit submit with no login info, as long as your web server is on the same machine as squid.

--jeremy

ScooterB 11-02-2004 12:51 PM
I haven't tried that. Dooh! To answer your question; yes. I accepted all the defaults and added one to allow my local network access. I'll try just hitting enter and then repost. Thanks for the help!

ScooterB 11-02-2004 01:28 PM
I left everything like the default page (no manager user name and no password entered) and hit enter, It came back saying that the connection was refused (#111). Any ideas? Thanks

jeremy 11-02-2004 01:50 PM
What was logged in cache.log? Can you post the pertinent parts of your squid.conf?

--jeremy

ScooterB 11-02-2004 01:58 PM
That's such a large file. I am new at this so I don't really know which parts would be pertinent. Can you tell me which parts you would like to see? Thanks!!

jeremy 11-02-2004 02:00 PM
For squid.conf, only the lines that don't start with # are processed (you shouldn't have many of them). For cache.log I only need the couple lines that are around the time you got the error message.

--jeremy

ScooterB 11-02-2004 02:03 PM
Okay. Stand by just a bit and I'll get those and repost.

ScooterB 11-02-2004 02:27 PM
From my squid.conf:

http_port 192.168.10.4:3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
log_ip_on_direct on
mime_table /etc/squid/mime.conf
log_mime_hdrs off
pid_filename /var/run/squid.pid
debug_options ALL,1
log_fqdn off
dns_retransmit_interval 5 seconds
dns_timeout 5 minutes
redirect_children 5
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour
authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
positive_dns_ttl 6 hours
negative_dns_ttl 5 minutes
connect_timeout 2 minutes
peer_connect_timeout 30 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
acl locallan src 192.168.247.2-192.168.247.50/255.255.255.192
acl all src 0.0.0.0/0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl manager_localhost proto http cache_object
# Only allow cachemgr access from localhost
http_access allow all
http_access allow manager_localhost
http_access allow locallan
# Deny requests to unknown ports
http_access deny manager
# Deny CONNECT to other than SSL ports
http_access deny !Safe_ports
http_access deny to_localhost
http_access allow 192.168.247.0/24
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_reply_access allow all
icp_access allow all
cache_mgr root
cache_effective_user squid
cache_effective_group squid
dns_testnames netscape.com internic.net nlanr.net microsoft.com
logfile_rotate 10
coredump_dir /var/spool/squid

That's all there. If I didn't screw up the copy/paste, that's the order that there in. Now for the cache.log:

[root@localhost squid]# tail -f /var/log/squid/cache.log
2004/11/02 13:55:31| 0 Objects expired.
2004/11/02 13:55:31| 0 Objects cancelled.
2004/11/02 13:55:31| 0 Duplicate URLs purged.
2004/11/02 13:55:31| 0 Swapfile clashes avoided.
2004/11/02 13:55:31| Took 5.3 seconds ( 30.9 objects/sec).
2004/11/02 13:55:31| Beginning Validation Procedure
2004/11/02 13:55:31| Completed Validation Procedure
2004/11/02 13:55:31| Validated 164 Entries
2004/11/02 13:55:31| store_swap_size = 1208k
2004/11/02 13:55:33| storeLateRelease: released 0 objects

That's all that showed. It doesn't even sem as though it's logging the failed attempt. I hope this helps! Thanks again.

jeremy 11-02-2004 03:47 PM
For now, take out the "cache_mgr root" line. Also, the manager acl line should be:
http_access allow manager localhost

--jeremy

ScooterB 11-03-2004 07:26 AM
I made the changes you recommended. Still no luck. Is there something else I have to do to allow Webmin to access the files? Maybe something else in the ACL's or Proxy Restrictions? Thanks for your help!

jeremy 11-03-2004 08:36 AM
Sorry, I misread the first post. I thought you wanted to use Squid's web-based "cache manager". I have *no* idea how to get webmin working. I tend to hate apps like that... Hopefully someone else has used webmin+squid and knows the problem.

--jeremy

ScooterB 11-03-2004 08:45 AM
I really appreciate your help. I was looking in the squid manual and I think that webmin pulls up the same cgi page as if you were doing from Mozilla. So I will continue searching.

P.S. I don't really care for most of these apps either, but when you are first getting started with a new app it does provide some quick insite into what you are dealing with. I like to start there and then expand into using the CLI as I get more comfortable with the syntax for that app. I do appreciate your help though. I know you have alot to do with keeping this site going. And I might add that this site is the BEST and I really appreciate your efforts. Good Job!

jeremy 11-03-2004 10:27 AM
The cgi based manager that comes with squid isn't all that bad. Have you tried to get that to work? If nothing else, it may at least provide some indication in the logs as to where things are failing.

--jeremy

ScooterB 11-03-2004 11:08 AM
Not yet. I haven't made it that far into the O'Reilly book on how to access the different pages and so forth. Is there some basic syntax you have that would work? I assume (that usually means trouble) that youi would simply open up mozilla and type in the IP address and then the page you need. Correct? How do you get the list of pages, etc... Thanks again for your help!

jeremy 11-03-2004 04:38 PM
The cgi is a single script that generates different pages. The page by default will give you a menu of everything available.

--jeremy

ScooterB 11-04-2004 07:05 AM
How do you access it?

jeremy 11-04-2004 09:12 AM
If you search the docs for "cachemgr.cgi" it should explain it in depth. Basically, just put that file somewhere in your web tree and then access it from a browser.

--jeremy

ScooterB 11-04-2004 02:06 PM
Thanks, I'll give it a try and repost. Thanks for your help.

gsr_kashyap 12-07-2004 09:43 AM
i think this will help u out. go to starting of the file under NETWORK OPTIONS u will find the lilne below


# You may specify multiple socket addresses on multiple lines.
#
http_port 3128
http_port 7071
#http_port 8080

this is a part of my squid.conf file here the port 8080 is blocked and 7071 were open i have removed and the hash sign before http_port 3128 and just hit continue button and lo it worked just check out. i hope it works for u.

gsr_kashyap 12-12-2004 03:37 AM
did it work????

ScooterB 12-15-2004 10:48 AM
I apologize for not replying sooner. I have had a mail server hard drive crash, trying to build and configure two more computers and on top of that I am in the process of designing a wifi network that will cover over two counties and into three states. I have had to temporarily put the proxy solution on the back burner. I will try your solution as soon as I can get back to some type of normal status. (Does that ever really happen?)LOLLLLL

Anyway, thanks for your time and help. I am keeping the notification email active in my inbox so that it will be there to remind me that I have something to do. I really appreciate everyone's assistance in this matter.

And, as Christmas is approaching, I hope all of you have a Happy Holiday!

Thanks again!!

gsr_kashyap 12-17-2004 06:08 AM
sure it did work., btw MERRY CHRITMAS TO ALL ENJOY!!!:)

ccarlson 06-03-2008 09:15 AM
Quote:
Originally Posted by gsr_kashyap (Post 1336198)
i think this will help u out. go to starting of the file under NETWORK OPTIONS u will find the lilne below


# You may specify multiple socket addresses on multiple lines.
#
http_port 3128
http_port 7071
#http_port 8080

this is a part of my squid.conf file here the port 8080 is blocked and 7071 were open i have removed and the hash sign before http_port 3128 and just hit continue button and lo it worked just check out. i hope it works for u.


This worked for me! I know I am reviving a super dead thread and all but I just wanted to confirm it did fix the access issue.

My Configuration:
Ubuntu 7.10 Server
Squid 2.6
Webmin 1.420


My squid file had the server's full socket instead of just the port.


All times are GMT -5. The time now is 12:31 PM.