Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
11-02-2004, 09:52 AM
|
#1
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Rep:
|
Squid - Cache Manager
Hello all, I am trying to get my squid up and running. I have done a basic configuration file and it is working. I only have one machine configured to use it right now because of testing. I would like to access the info from Webmin and look at the cache there. I am trying to access the cache manager part and it keeps asking me for a Managers name and password. I don't remember doing this during the setup part. I feel comfortable with the CLI so that isn't a problem. I have tried going through the O'Reilly manual to see where you set this up and it does mention it, but I guess I am too stupid to figure it out. Any help would be appreciated. TIA!!!
|
|
|
11-02-2004, 10:41 AM
|
#2
|
root
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,610
|
Do you have any "acl manager" lines in your squid.conf? By default you should be able to just hit submit with no login info, as long as your web server is on the same machine as squid.
--jeremy
|
|
|
11-02-2004, 12:51 PM
|
#3
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
I haven't tried that. Dooh! To answer your question; yes. I accepted all the defaults and added one to allow my local network access. I'll try just hitting enter and then repost. Thanks for the help!
|
|
|
11-02-2004, 01:28 PM
|
#4
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
I left everything like the default page (no manager user name and no password entered) and hit enter, It came back saying that the connection was refused (#111). Any ideas? Thanks
|
|
|
11-02-2004, 01:50 PM
|
#5
|
root
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,610
|
What was logged in cache.log? Can you post the pertinent parts of your squid.conf?
--jeremy
|
|
|
11-02-2004, 01:58 PM
|
#6
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
That's such a large file. I am new at this so I don't really know which parts would be pertinent. Can you tell me which parts you would like to see? Thanks!!
|
|
|
11-02-2004, 02:00 PM
|
#7
|
root
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,610
|
For squid.conf, only the lines that don't start with # are processed (you shouldn't have many of them). For cache.log I only need the couple lines that are around the time you got the error message.
--jeremy
|
|
|
11-02-2004, 02:03 PM
|
#8
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
Okay. Stand by just a bit and I'll get those and repost.
|
|
|
11-02-2004, 02:27 PM
|
#9
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
From my squid.conf:
http_port 192.168.10.4:3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
ipcache_size 1024
ipcache_low 90
ipcache_high 95
fqdncache_size 1024
cache_replacement_policy lru
memory_replacement_policy lru
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
log_ip_on_direct on
mime_table /etc/squid/mime.conf
log_mime_hdrs off
pid_filename /var/run/squid.pid
debug_options ALL,1
log_fqdn off
dns_retransmit_interval 5 seconds
dns_timeout 5 minutes
redirect_children 5
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour
authenticate_cache_garbage_interval 1 hour
authenticate_ttl 1 hour
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
quick_abort_min 16 KB
quick_abort_max 16 KB
quick_abort_pct 95
positive_dns_ttl 6 hours
negative_dns_ttl 5 minutes
connect_timeout 2 minutes
peer_connect_timeout 30 seconds
ident_timeout 10 seconds
shutdown_lifetime 30 seconds
acl locallan src 192.168.247.2-192.168.247.50/255.255.255.192
acl all src 0.0.0.0/0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl manager_localhost proto http cache_object
# Only allow cachemgr access from localhost
http_access allow all
http_access allow manager_localhost
http_access allow locallan
# Deny requests to unknown ports
http_access deny manager
# Deny CONNECT to other than SSL ports
http_access deny !Safe_ports
http_access deny to_localhost
http_access allow 192.168.247.0/24
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_reply_access allow all
icp_access allow all
cache_mgr root
cache_effective_user squid
cache_effective_group squid
dns_testnames netscape.com internic.net nlanr.net microsoft.com
logfile_rotate 10
coredump_dir /var/spool/squid
That's all there. If I didn't screw up the copy/paste, that's the order that there in. Now for the cache.log:
[root@localhost squid]# tail -f /var/log/squid/cache.log
2004/11/02 13:55:31| 0 Objects expired.
2004/11/02 13:55:31| 0 Objects cancelled.
2004/11/02 13:55:31| 0 Duplicate URLs purged.
2004/11/02 13:55:31| 0 Swapfile clashes avoided.
2004/11/02 13:55:31| Took 5.3 seconds ( 30.9 objects/sec).
2004/11/02 13:55:31| Beginning Validation Procedure
2004/11/02 13:55:31| Completed Validation Procedure
2004/11/02 13:55:31| Validated 164 Entries
2004/11/02 13:55:31| store_swap_size = 1208k
2004/11/02 13:55:33| storeLateRelease: released 0 objects
That's all that showed. It doesn't even sem as though it's logging the failed attempt. I hope this helps! Thanks again.
|
|
|
11-02-2004, 03:47 PM
|
#10
|
root
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,610
|
For now, take out the "cache_mgr root" line. Also, the manager acl line should be:
http_access allow manager localhost
--jeremy
|
|
|
11-03-2004, 07:26 AM
|
#11
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
I made the changes you recommended. Still no luck. Is there something else I have to do to allow Webmin to access the files? Maybe something else in the ACL's or Proxy Restrictions? Thanks for your help!
|
|
|
11-03-2004, 08:36 AM
|
#12
|
root
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,610
|
Sorry, I misread the first post. I thought you wanted to use Squid's web-based "cache manager". I have *no* idea how to get webmin working. I tend to hate apps like that... Hopefully someone else has used webmin+squid and knows the problem.
--jeremy
|
|
|
11-03-2004, 08:45 AM
|
#13
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
I really appreciate your help. I was looking in the squid manual and I think that webmin pulls up the same cgi page as if you were doing from Mozilla. So I will continue searching.
P.S. I don't really care for most of these apps either, but when you are first getting started with a new app it does provide some quick insite into what you are dealing with. I like to start there and then expand into using the CLI as I get more comfortable with the syntax for that app. I do appreciate your help though. I know you have alot to do with keeping this site going. And I might add that this site is the BEST and I really appreciate your efforts. Good Job!
|
|
|
11-03-2004, 10:27 AM
|
#14
|
root
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 13,610
|
The cgi based manager that comes with squid isn't all that bad. Have you tried to get that to work? If nothing else, it may at least provide some indication in the logs as to where things are failing.
--jeremy
|
|
|
11-03-2004, 11:08 AM
|
#15
|
Member
Registered: Sep 2003
Location: NW Arkansas
Distribution: Linux Redhat 9.0, Fedora Core 2,Debian 3.0, Win 2K, Win95, Win98, WinXp Pro
Posts: 344
Original Poster
Rep:
|
Not yet. I haven't made it that far into the O'Reilly book on how to access the different pages and so forth. Is there some basic syntax you have that would work? I assume (that usually means trouble) that youi would simply open up mozilla and type in the IP address and then the page you need. Correct? How do you get the list of pages, etc... Thanks again for your help!
|
|
|
All times are GMT -5. The time now is 03:23 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|