Problem with SQUID configuration

lovingaditya28 · 12-03-2009, 12:15 AM

Hi,
i am new to Linux and i am trying to configure SQUID proxy on Fedora10
but i am not able to browse internet from client, though i checked through wget its working on Fedora10 machine. Below is the squid.conf file contents, please suggest where i am wrong...

#acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
#acl to_localhost src 127.0.0.0/8
acl dcsnet src 192.168.2.0/255.255.255.0
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 70 210 1025-65535 280 488 591 777
acl CONNECT method CONNECT

http_access allow SSL_ports
http_access allow Safe_ports
http_access allow dcsnet
#http_access allow manager localhost
http_access allow localhost

#http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny CONNECT

Regards,
Pankaj

TB0ne · 12-03-2009, 10:49 AM

Quote:

Originally Posted by lovingaditya28

Hi,
i am new to Linux and i am trying to configure SQUID proxy on Fedora10
but i am not able to browse internet from client, though i checked through wget its working on Fedora10 machine. Below is the squid.conf file contents, please suggest where i am wrong...

Regards,
Pankaj

Based on what you posted, there's no way to tell. You say first "I am not able to browse internet", then say "through wget its working"...????

You don't say what error(s) you're getting, or what client(s) you're trying from, to what sites. You say your proxy is on FC10...what about your clients? What kind of network setup do you have? Are the clients set up correctly?

Also, in your other thread on here, there are some good posts about how to set up and test Squid...have you gone through and checked them?

lovingaditya28 · 12-04-2009, 04:27 AM

Thanks for reply. Client machines in my network are with Windows XP and Windows 7.
Now i am able to access internet from client machines. i disabled iptables on SQUID proxy server. please guide me how to allow squid in iptables. Also guide me how to restrict users to open messangers and porn sites. I wants following through SQUID proxy...

1.....users with full internet access
2.....users with restricted internet access (Gmail, yahoo, messangers, porn sites etc blocked)
3.....users with restricted access but messengers allowed
3.....users with no internet access

Please guide me.

thanks,
Pankaj

TB0ne · 12-04-2009, 12:02 PM

Quote:

Originally Posted by lovingaditya28

Thanks for reply. Client machines in my network are with Windows XP and Windows 7.
Now i am able to access internet from client machines. i disabled iptables on SQUID proxy server. please guide me how to allow squid in iptables. Also guide me how to restrict users to open messangers and porn sites. I wants following through SQUID proxy...

1.....users with full internet access
2.....users with restricted internet access (Gmail, yahoo, messangers, porn sites etc blocked)
3.....users with restricted access but messengers allowed
3.....users with no internet access

Please guide me.

thanks,
Pankaj

Still haven't answered whether or not you followed the links in your other thread here. So I will "guide you" to Google. If you key in "linux squid iptables", you get things like this:

http://www.cyberciti.biz/tips/linux-...uid-howto.html
http://www.cyberciti.biz/tips/linux-...t-request.html

And what you want to do with the users, counteracts a 'transparent' proxy. Squid is going to have to know WHO the user is, so it can grant them certain rights. So either they have to log in to Squid, or need to have their authentication passed to Squid some other way...but you don't touch on that. Again, I will "guide you" to Google:

http://www.brennan.id.au/11-Squid_Web_Proxy.html