LinuxQuestions.org
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   squid problem (https://www.linuxquestions.org/questions/linux-networking-3/squid-problem-166298/)

htm 04-04-2004 11:42 PM
squid problem
 
Folks,

I am using 2 ethernet cards along with squid in my LAN for internet
access, my server is Redhat 9.0, squid as proxy server, with 1 ethernet
car hooked to the internet (real IP address), the other linking the LAN internal as gate
way (192.168.1.1).

Now everything looks fine, squid is running the sever can get to the internet, every client
(whether Linux or Windows), pinging is just fine, but the browser cannot be opened,
why?
Thx,
HTM

leckie 04-05-2004 01:34 AM
but the browser cannot be opened ?????????????????/


what do u mean

htm 04-05-2004 04:13 AM
I meann
 
Sir,

I mean I cannot access the internet through the browser

Thx,
HTM

leckie 04-05-2004 05:54 AM
with a remark like that no one will answer you question

DavidPhillips 04-05-2004 06:02 AM
Did you configure the squid proxy as transparent to the client?

To do this you need to route the port 80 traffic to squids port so browser requests go through squid.


Like so...

(you need to have a rule like this for each interface that people will connect to, and not the internet interface. So you need to know your device names)

# Squid transparent proxy
$IPTABLES -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

Or you can run it as a normal proxy server where the browser needs to be configured for the proxy.

htm 04-05-2004 07:53 AM
the difference betwen my squid.conf and the default
 
David,

Yes, I set every client's browser as proxy mode using 192.168.1.1's port 3128,
I use ps -aux | grep squid, and find it is running, here is what I changed in
squid.conf:

[guest@headquarter squid]$ diff squid.conf squid.conf.default
469d468
< cache_mem 128 MB
668c667
< cache_dir ufs /var/spool/squid/cache 200 16 256
---
>
1679c1678
< acl all src 192.168.1.1/17
---
> acl all src 0.0.0.0/0.0.0.0
1742c1741
< http_access allow all
---
> http_access deny all
1955d1953
< visible_hostname localhost


besides changing squid.conf, launching it, and set client's browser, are there anything
else I need to do for me to make it happy (internet sharing)?

Thx,
HTM

maxut 04-05-2004 08:07 AM
what does it say in clients' browsers? access denied (squid error)? or connot find (default browser error)?

htm 04-05-2004 08:34 AM
error info
 
IE says it cannot display the page, either cannot find th server or DNS error

BTW looks like log files under /var/log/squid do not offer me too much hints

Thx,
HTM

htm 04-05-2004 08:38 AM
squid warning
 
BTW, I got following warning, when I restarted my squid:

squid (pid 17248 17246) is running...
2004/04/05 21:37:20| aclParseIpData: WARNING: Netmask masks away part of the specified IP in '192.168.1.1/17'

Is that a problem?

Also why there is no log info updating after I visit an internet site at my client?

Thx,
HTM

maxut 04-05-2004 08:51 AM
sure its a problem. your squid doesnt work. if it worked clients browsers could see a webpage generated by squid or they could surf on the internet.
squid think that your ip range is not correct. because your ip range is a C class network. but your netmask isnt correct for C class network. it must be like that 192.168.1.1/24

change the following line in squid.conf

acl all src 0.0.0.0/0.0.0.0
acl lan src 192.168.1.0/255.255.255.0
http_access allow lan
http_access deny all

maxut 04-05-2004 09:06 AM
squid logs are located in /var/log/squid directory. it updates logs immediatelly.

maxut 04-05-2004 09:10 AM
if your network is 192.168.0.0/255.255.0.0, u can define it like that:

acl lan src 192.168.0.0/17

htm 04-05-2004 09:12 AM
error info after running squidclient
 
At server side, I run squidclient, I got the following info, what do those error info
mean?

Thx a ton,

HTM


[root@headquarter sbin]# squidclient
bash: squidclient: command not found
[root@headquarter sbin]# ./squidclient http://www.yahoo.com
HTTP/1.0 403 Forbidden
Server: squid/2.5.STABLE1
Mime-Version: 1.0
Date: Tue, 06 Apr 2004 02:19:37 GMT
Content-Type: text/html
Content-Length: 1039
Expires: Tue, 06 Apr 2004 02:19:37 GMT
X-Squid-Error: ERR_ACCESS_DENIED 0
X-Cache: MISS from localhost
Proxy-Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The requested URL could not be retrieved</TITLE>
<STYLE type="text/css"><!--BODY{background-color:#ffffff;font-family:verdana,sans-serif}PRE{font-family:sans-serif}--></STYLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The requested URL could not be retrieved</H2>
<HR noshade size="1px">
<P>
While trying to retrieve the URL:
<A HREF="http://www.yahoo.com">http://www.yahoo.com</A>
<P>
The following error was encountered:
<UL>
<LI>
<STRONG>
Access Denied.
</STRONG>
<P>
Access control configuration prevents your request from
being allowed at this time. Please contact your service provider if
you feel this is incorrect.
</UL>
<P>Your cache administrator is <A HREF="mailto:root">root</A>.


<BR clear="all">
<HR noshade size="1px">
<ADDRESS>
Generated Tue, 06 Apr 2004 02:19:37 GMT by localhost (squid/2.5.STABLE1)
</ADDRESS>
</BODY></HTML>
[root@headquarter sbin]#
[root@headquarter sbin]#

maxut 04-05-2004 09:26 AM
cant u read it? it says access is denied.

htm 04-05-2004 09:46 AM
yeah, could you offer me a pointer?
 
Maxcut,

Could you let me know how to fix that?

I've done everything, change hostname from headquarter back to localhost,
in the client side, set IT's advancd tab, allow http access through proxy, why
the access is denied?

Now I also got some info in store.log after unsing command
./squidclient -p 3128 htt://www.yahoo.com (at server side in emulating an client)

1081217776.023 RELEASE -1 FFFFFFFF A0329052B72100A0A4D2609845D182BD 200 1081174001 -1 -1 text/html -1/1095 GET http://www.yahoo.com
1081217776.023 RELEASE -1 FFFFFFFF BBB41116D01C97FE0E4678361DF2828E 403 1081217776 0 1081217776 text/html 1039/1271 GET http://www.yahoo.com
1081217978.092 RELEASE -1 FFFFFFFF 46F9A8B813CE95B29E37C03840D3B96B 200 1081174203 -1 -1 text/html -1/2543 GET http://www.yahoo.com
1081217978.093 RELEASE -1 FFFFFFFF E354D075A75B23DA3A58AFEEF46D20C8 403 1081217977 0 1081217977 text/html 1039/1271 GET http://www.yahoo.com
1081218485.647 RELEASE -1 FFFFFFFF B9939ADBA4F7581A32A9DA2917D1C3E8 200 1081174710 -1 -1 text/html -1/1095 GET http://www.yahoo.com
1081218485.656 RELEASE -1 FFFFFFFF 422A4E1E9CAED166A27E5C544B66D03C 403 1081218485 0 1081218485 text/html 1039/1271 GET http://www.yahoo.com

I am stucking with that for days, thanks you vey much indeed,

HTM


All times are GMT -5. The time now is 08:21 PM.
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page