Squid - Cache Manager
Hello all, I am trying to get my squid up and running. I have done a basic configuration file and it is working. I only have one machine configured to use it right now because of testing. I would like to access the info from Webmin and look at the cache there. I am trying to access the cache manager part and it keeps asking me for a Managers name and password. I don't remember doing this during the setup part. I feel comfortable with the CLI so that isn't a problem. I have tried going through the O'Reilly manual to see where you set this up and it does mention it, but I guess I am too stupid to figure it out. Any help would be appreciated. TIA!!!:)
|
Do you have any "acl manager" lines in your squid.conf? By default you should be able to just hit submit with no login info, as long as your web server is on the same machine as squid.
--jeremy |
I haven't tried that. Dooh! To answer your question; yes. I accepted all the defaults and added one to allow my local network access. I'll try just hitting enter and then repost. Thanks for the help!
|
I left everything like the default page (no manager user name and no password entered) and hit enter, It came back saying that the connection was refused (#111). Any ideas? Thanks
|
What was logged in cache.log? Can you post the pertinent parts of your squid.conf?
--jeremy |
That's such a large file. I am new at this so I don't really know which parts would be pertinent. Can you tell me which parts you would like to see? Thanks!!
|
For squid.conf, only the lines that don't start with # are processed (you shouldn't have many of them). For cache.log I only need the couple lines that are around the time you got the error message.
--jeremy |
Okay. Stand by just a bit and I'll get those and repost.
|
From my squid.conf:
http_port 192.168.10.4:3128 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_mem 8 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 4096 KB minimum_object_size 0 KB ipcache_size 1024 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 cache_replacement_policy lru memory_replacement_policy lru cache_access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log log_ip_on_direct on mime_table /etc/squid/mime.conf log_mime_hdrs off pid_filename /var/run/squid.pid debug_options ALL,1 log_fqdn off dns_retransmit_interval 5 seconds dns_timeout 5 minutes redirect_children 5 auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hour authenticate_cache_garbage_interval 1 hour authenticate_ttl 1 hour refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 quick_abort_min 16 KB quick_abort_max 16 KB quick_abort_pct 95 positive_dns_ttl 6 hours negative_dns_ttl 5 minutes connect_timeout 2 minutes peer_connect_timeout 30 seconds ident_timeout 10 seconds shutdown_lifetime 30 seconds acl locallan src 192.168.247.2-192.168.247.50/255.255.255.192 acl all src 0.0.0.0/0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl manager_localhost proto http cache_object # Only allow cachemgr access from localhost http_access allow all http_access allow manager_localhost http_access allow locallan # Deny requests to unknown ports http_access deny manager # Deny CONNECT to other than SSL ports http_access deny !Safe_ports http_access deny to_localhost http_access allow 192.168.247.0/24 http_access deny CONNECT !SSL_ports http_access allow localhost http_reply_access allow all icp_access allow all cache_mgr root cache_effective_user squid cache_effective_group squid dns_testnames netscape.com internic.net nlanr.net microsoft.com logfile_rotate 10 coredump_dir /var/spool/squid That's all there. If I didn't screw up the copy/paste, that's the order that there in. Now for the cache.log: [root@localhost squid]# tail -f /var/log/squid/cache.log 2004/11/02 13:55:31| 0 Objects expired. 2004/11/02 13:55:31| 0 Objects cancelled. 2004/11/02 13:55:31| 0 Duplicate URLs purged. 2004/11/02 13:55:31| 0 Swapfile clashes avoided. 2004/11/02 13:55:31| Took 5.3 seconds ( 30.9 objects/sec). 2004/11/02 13:55:31| Beginning Validation Procedure 2004/11/02 13:55:31| Completed Validation Procedure 2004/11/02 13:55:31| Validated 164 Entries 2004/11/02 13:55:31| store_swap_size = 1208k 2004/11/02 13:55:33| storeLateRelease: released 0 objects That's all that showed. It doesn't even sem as though it's logging the failed attempt. I hope this helps! Thanks again. |
For now, take out the "cache_mgr root" line. Also, the manager acl line should be:
http_access allow manager localhost --jeremy |
I made the changes you recommended. Still no luck. Is there something else I have to do to allow Webmin to access the files? Maybe something else in the ACL's or Proxy Restrictions? Thanks for your help!
|
Sorry, I misread the first post. I thought you wanted to use Squid's web-based "cache manager". I have *no* idea how to get webmin working. I tend to hate apps like that... Hopefully someone else has used webmin+squid and knows the problem.
--jeremy |
I really appreciate your help. I was looking in the squid manual and I think that webmin pulls up the same cgi page as if you were doing from Mozilla. So I will continue searching.
P.S. I don't really care for most of these apps either, but when you are first getting started with a new app it does provide some quick insite into what you are dealing with. I like to start there and then expand into using the CLI as I get more comfortable with the syntax for that app. I do appreciate your help though. I know you have alot to do with keeping this site going. And I might add that this site is the BEST and I really appreciate your efforts. Good Job! |
The cgi based manager that comes with squid isn't all that bad. Have you tried to get that to work? If nothing else, it may at least provide some indication in the logs as to where things are failing.
--jeremy |
Not yet. I haven't made it that far into the O'Reilly book on how to access the different pages and so forth. Is there some basic syntax you have that would work? I assume (that usually means trouble) that youi would simply open up mozilla and type in the IP address and then the page you need. Correct? How do you get the list of pages, etc... Thanks again for your help!
|
The cgi is a single script that generates different pages. The page by default will give you a menu of everything available.
--jeremy |
How do you access it?
|
If you search the docs for "cachemgr.cgi" it should explain it in depth. Basically, just put that file somewhere in your web tree and then access it from a browser.
--jeremy |
Thanks, I'll give it a try and repost. Thanks for your help.
|
i think this will help u out. go to starting of the file under NETWORK OPTIONS u will find the lilne below
# You may specify multiple socket addresses on multiple lines. # http_port 3128 http_port 7071 #http_port 8080 this is a part of my squid.conf file here the port 8080 is blocked and 7071 were open i have removed and the hash sign before http_port 3128 and just hit continue button and lo it worked just check out. i hope it works for u. |
did it work????
|
I apologize for not replying sooner. I have had a mail server hard drive crash, trying to build and configure two more computers and on top of that I am in the process of designing a wifi network that will cover over two counties and into three states. I have had to temporarily put the proxy solution on the back burner. I will try your solution as soon as I can get back to some type of normal status. (Does that ever really happen?)LOLLLLL
Anyway, thanks for your time and help. I am keeping the notification email active in my inbox so that it will be there to remind me that I have something to do. I really appreciate everyone's assistance in this matter. And, as Christmas is approaching, I hope all of you have a Happy Holiday! Thanks again!! |
sure it did work., btw MERRY CHRITMAS TO ALL ENJOY!!!:)
|
Quote:
This worked for me! I know I am reviving a super dead thread and all but I just wanted to confirm it did fix the access issue. My Configuration: Ubuntu 7.10 Server Squid 2.6 Webmin 1.420 My squid file had the server's full socket instead of just the port. |
All times are GMT -5. The time now is 12:31 PM. |