LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-02-2020, 02:59 AM   #1
uthayamurthy
LQ Newbie
 
Registered: Apr 2020
Posts: 5

Rep: Reputation: Disabled
New installation of squid not starting kali linux


This is my first post in this forum.
I Installed Squid in Kali linux and when I run
Code:
sudo systemctl start squid
and
Code:
sudo systemctl status squid
I get the following message:
Quote:
● squid.service - Squid Web Proxy Server
Loaded: loaded (/lib/systemd/system/squid.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2020-04-02 06:41:28 IST; 3s ago
Docs: man:squid(8)
Process: 14693 ExecStartPre=/usr/sbin/squid --foreground -z (code=exited, status=0/SUCCESS)
Process: 14696 ExecStart=/usr/sbin/squid -sYC (code=exited, status=0/SUCCESS)
Main PID: 14697 (code=exited, status=1/FAILURE)

Apr 02 06:41:28 hackerpc squid[14715]: Squid Cache (Version 4.10): Terminated abnormally.
Apr 02 06:41:28 hackerpc squid[14715]: Closing Pinger socket on FD 14
Apr 02 06:41:28 hackerpc squid[14697]: Squid Parent: squid-1 process 14715 exited with status 1
Apr 02 06:41:28 hackerpc squid[14697]: Squid Parent: squid-1 process 14715 will not be restarted for 3600 seconds due to repeated, frequent failures
Apr 02 06:41:28 hackerpc squid[14697]: Exiting due to repeated, frequent failures
Apr 02 06:41:28 hackerpc squid[14697]: Removing PID file (/var/run/squid.pid)
Apr 02 06:41:28 hackerpc systemd[1]: squid.service: Main process exited, code=exited, status=1/FAILURE
Apr 02 06:41:28 hackerpc systemd[1]: squid.service: Killing process 14716 (log_file_daemon) with signal SIGKILL.
Apr 02 06:41:28 hackerpc systemd[1]: squid.service: Killing process 14717 (squid) with signal SIGKILL.
Apr 02 06:41:28 hackerpc systemd[1]: squid.service: Failed with result 'exit-code'.
I have not yet made any modifications to /etc/squid/squid.conf file.
Running
Code:
sudo squid -k parse
Gives the following output :
Quote:
2020/04/02 06:56:29| Startup: Initializing Authentication Schemes ...
2020/04/02 06:56:29| Startup: Initialized Authentication Scheme 'basic'
2020/04/02 06:56:29| Startup: Initialized Authentication Scheme 'digest'
2020/04/02 06:56:29| Startup: Initialized Authentication Scheme 'negotiate'
2020/04/02 06:56:29| Startup: Initialized Authentication Scheme 'ntlm'
2020/04/02 06:56:29| Startup: Initialized Authentication.
2020/04/02 06:56:29| Processing Configuration File: /etc/squid/squid.conf (depth 0)
2020/04/02 06:56:29| Processing: acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
2020/04/02 06:56:29| Processing: acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
2020/04/02 06:56:29| Processing: acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
2020/04/02 06:56:29| Processing: acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
2020/04/02 06:56:29| Processing: acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
2020/04/02 06:56:29| Processing: acl localnet src 192.168.0.0/16 # RFC 1918 local private network (LAN)
2020/04/02 06:56:29| Processing: acl localnet src fc00::/7 # RFC 4193 local private network range
2020/04/02 06:56:29| Processing: acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
2020/04/02 06:56:29| Processing: acl SSL_ports port 443
2020/04/02 06:56:29| Processing: acl Safe_ports port 80 # http
2020/04/02 06:56:29| Processing: acl Safe_ports port 21 # ftp
2020/04/02 06:56:29| Processing: acl Safe_ports port 443 # https
2020/04/02 06:56:29| Processing: acl Safe_ports port 70 # gopher
2020/04/02 06:56:29| Processing: acl Safe_ports port 210 # wais
2020/04/02 06:56:29| Processing: acl Safe_ports port 1025-65535 # unregistered ports
2020/04/02 06:56:29| Processing: acl Safe_ports port 280 # http-mgmt
2020/04/02 06:56:29| Processing: acl Safe_ports port 488 # gss-http
2020/04/02 06:56:29| Processing: acl Safe_ports port 591 # filemaker
2020/04/02 06:56:29| Processing: acl Safe_ports port 777 # multiling http
2020/04/02 06:56:29| Processing: acl CONNECT method CONNECT
2020/04/02 06:56:29| Processing: http_access deny !Safe_ports
2020/04/02 06:56:29| Processing: http_access deny CONNECT !SSL_ports
2020/04/02 06:56:29| Processing: http_access allow localhost manager
2020/04/02 06:56:29| Processing: http_access deny manager
2020/04/02 06:56:29| Processing: include /etc/squid/conf.d/*
2020/04/02 06:56:29| Processing Configuration File: /etc/squid/conf.d/debian.conf (depth 1)
2020/04/02 06:56:29| Processing: logfile_rotate 0
2020/04/02 06:56:29| Processing: http_access allow localhost
2020/04/02 06:56:29| Processing: http_access deny all
2020/04/02 06:56:29| Processing: http_port 3128
2020/04/02 06:56:29| Processing: coredump_dir /var/spool/squid
2020/04/02 06:56:29| Processing: refresh_pattern ^ftp: 1440 20% 10080
2020/04/02 06:56:29| Processing: refresh_pattern ^gopher: 1440 0% 1440
2020/04/02 06:56:29| Processing: refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
2020/04/02 06:56:29| Processing: refresh_pattern . 0 20% 4320
2020/04/02 06:56:29| Initializing https:// proxy context
How to fix the error during squid service startup ?
Any suggestions would be extremely useful.
 
Old 04-02-2020, 08:36 AM   #2
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,256

Rep: Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000
So, curious why you are using squid in Kali Linux. Kali Linux is not a general purpose distro and certainly not one that should be running a web proxy. Have you read this? https://www.linuxquestions.org/quest...ad-4175614092/

Kali is a highly specialized Linux distro intended for penetration testing only. Sure you can use it for other things but expect problems if you to.
 
1 members found this post helpful.
Old 04-02-2020, 08:59 AM   #3
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,501

Rep: Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722
Quote:
Originally Posted by uthayamurthy View Post
This is my first post in this forum.
I Installed Squid in Kali linux and when I run
Code:
sudo systemctl start squid
and
Code:
sudo systemctl status squid
I get the following message:

I have not yet made any modifications to /etc/squid/squid.conf file. Running
Code:
sudo squid -k parse
Gives the following output :

How to fix the error during squid service startup? Any suggestions would be extremely useful.
Best suggestion? Don't use Kali.

Why would you want to use Kali for ANYTHING, past what it was designed for: pentesting and security testing?? Did you read their website?? From their *OWN DOCUMENTATION*
Quote:
Originally Posted by Kali Docs
...Kali is a Linux distribution specifically geared towards professional penetration testers and security specialists, and given its unique nature, it is NOT a recommended distribution if you’re unfamiliar with Linux or are looking for a general-purpose Linux desktop distribution for development, web design, gaming, etc.
 
1 members found this post helpful.
Old 04-02-2020, 09:52 AM   #4
uthayamurthy
LQ Newbie
 
Registered: Apr 2020
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thanks for replies.
I have actually joined a pentesting course . In that we are using arpspoof and squid to modify the web page served to the victim by using some redirect scripts [like these].
 
Old 04-02-2020, 10:00 AM   #5
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,256

Rep: Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000
OK, makes sense then. Thank you for clarifying. I have not installed squid on anything ever so am not able to help in that regard.

Your best bet is to probably install squid in a Debian VM and leverage that. Kali is just so funky in terms of installing anything outside of the norm. Sorry if that isn't the greatest solution but it's the best I can do given my lack of experience with squid.
 
Old 04-02-2020, 10:18 AM   #6
uthayamurthy
LQ Newbie
 
Registered: Apr 2020
Posts: 5

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sevendogsbsd View Post
OK, makes sense then. Thank you for clarifying. I have not installed squid on anything ever so am not able to help in that regard.

Your best bet is to probably install squid in a Debian VM and leverage that. Kali is just so funky in terms of installing anything outside of the norm. Sorry if that isn't the greatest solution but it's the best I can do given my lack of experience with squid.
Thanks for your reply .
I actually tried installing squid in fedora . Initially systemctl start was fine but after changing http_port 3128 to http_port 3128 intercept in squid.conf , it did not start properly.
I am totally new to squid (but not new to linux).
Once again thanks for all replies 😊.
 
Old 04-02-2020, 10:22 AM   #7
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 23,501

Rep: Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722Reputation: 6722
Quote:
Originally Posted by uthayamurthy View Post
Thanks for replies.
I have actually joined a pentesting course . In that we are using arpspoof and squid to modify the web page served to the victim by using some redirect scripts [like these].
Surprised they didn't tell you what Kali was, and the preferred methods for using it; again, it's on Kali's own website, and it's always suggested you run it from a virtual machine, or from a 'live' USB drive, NOT install it.

sevendogsbsd is exactly right; install any version of Linux and put Squid on it...again, Kali *IS NOT* meant to do such things. I'd strongly suggest you read those scripts and figure out what they're doing and how, then load them one by one to see the results. A default Squid installation is not difficult, and if you have Kali in a virtual machine on your Squid system, that makes things pretty easy to navigate.
 
1 members found this post helpful.
Old 04-02-2020, 10:38 AM   #8
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: FreeBSD
Posts: 2,256

Rep: Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000Reputation: 1000
I did find this but not sure if helpful: https://wiki.squid-cache.org/ConfigE.../LinuxRedirect
 
Old 04-02-2020, 11:48 AM   #9
uthayamurthy
LQ Newbie
 
Registered: Apr 2020
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thanks for all replies.
 
Old 04-03-2020, 01:54 AM   #10
uthayamurthy
LQ Newbie
 
Registered: Apr 2020
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thanks everyone for your help and support.
After lots of trial and error I managed to fix the errors.
Here is all I did :
I changed the ownership of /var/pool/squid by
Code:
sudo chown squid:squid /var/spool/squid
Then I moved all the redirect scripts to the /etc/squid directory.

Then I configured the firewall to allow all the traffic through the port:
Code:
sudo ufw allow proto tcp from any to any port 3128
Here is my final squid config file [/etc/squid/squid.conf] :
Quote:
#
# Recommended minimum configuration:
#

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
#acl localnet src 0.0.0.1-0.255.255.255 # RFC 1122 "this" network (LAN)
#acl localnet src 10.0.0.0/8 # RFC 1918 local private network (LAN)
#acl localnet src 100.64.0.0/10 # RFC 6598 shared address space (CGN)
#acl localnet src 169.254.0.0/16 # RFC 3927 link-local (directly plugged) machines
#acl localnet src 172.16.0.0/12 # RFC 1918 local private network (LAN)
acl localnet src 192.168.0.0/16
# RFC 1918 local private network (LAN)
#acl localnet src fc00::/7 # RFC 4193 local private network range
#acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports

# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager

# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all
# Squid normally listens to port 3128
http_port 3128 intercept
http_port 3129
# visible_hostname squid.proxy
# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

url_rewrite_program /etc/squid/flipimages.pl
Hope it's useful for others having the same problem .
 
1 members found this post helpful.
Old 04-03-2020, 02:51 AM   #11
!!!
Member
 
Registered: Jan 2017
Location: Fremont, CA, USA
Distribution: Trying any&ALL on old/minimal
Posts: 708

Rep: Reputation: 302Reputation: 302Reputation: 302Reputation: 302
Thanks for providing (giving) your solution for others!!! (tho #7 is conceptual sol'n)
(UNhuamin [username_pun] take-only users don't have that decent consideration to give anything, for others)

& thanks for marking [SOLVED]!!!

+1 #10 !!!

Last edited by !!!; 04-04-2020 at 09:20 PM. Reason: thread was marked Solved, so changed my req to ty.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Kali here, Kali there! Why you should not expect detailed answers. onebuck Linux - General 31 01-25-2021 01:02 PM
How to make Kali Linux look like Parrot OS (Configuring how Kali Linux looks) John1243 Linux - Distributions 1 03-21-2016 03:48 AM
LXer: Migrating from Kali Linux 2 to Kali Linux 2016.1 LXer Syndicated Linux News 0 02-01-2016 08:50 AM
Failed to fetch http://http.kali.org/kali/dists/kali/Release.gpg aymeric75 Linux - General 2 07-11-2015 06:10 AM
[SOLVED] Starting File System .. Starting File System .. Starting File System .. Starting File rmknox Linux - Newbie 3 08-16-2010 12:30 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration