Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can you check your log files and post any eventual error? Log files are the very first place to check. Without more information nobody could give an answer to this question because we don't know your setup, system, etc...
Can you check your log files and post any eventual error? Log files are the very first place to check. Without more information nobody could give an answer to this question because we don't know your setup, system, etc...
Kind regards,
Eric
Hi - how do I do that?
It seems the service starts with service squid start but just not with that conf line...
[root@localhost ~]# service squid start
init_cache_dir /var/spool/squid... Starting squid: . [ OK ]
[root@localhost ~]# chkconfig squid on
[root@localhost ~]# /etc/init.d/squid start
Starting squid: [FAILED]
[root@localhost ~]# vi /etc/squid/squid.conf
[root@localhost ~]# /etc/init.d/squid start
Starting squid: [FAILED]
The first line you have started squid and it stated OK, then why do you start again and again? however check process whether squid start or not(ps ax | grep squid) and check relevant logs
The first line you have started squid and it stated OK, then why do you start again and again? however check process whether squid start or not(ps ax | grep squid) and check relevant logs
doesn't the /etc/init.d/squid start do something different like ensure it is using the conf file?
Right...so it seems to be started.
I have set up ncsa auth but when I use the proxy IP through my browser nothing happens.
I can ping the server - any ideas what to check?
Right...so it seems to be started.
I have set up ncsa auth but when I use the proxy IP through my browser nothing happens.
I can ping the server - any ideas what to check?
Depends on what you want to happen, how you want it to work, how and what is configured, ...
I don't know your squid.conf so have no idea whatsoever how you configured squid and to do what.
The ncsa authentication helper depends on proxy_auth type acl so there should be at least one configured.
The easiest way is to post your squid.conf (after changing any personal information like ip addresses, servernames etc, and substituting them like server1.domain.com.
I don't seem to be able to copy all the squid.conf but I haven't changed much from the default.
I added these lines:
Quote:
1) Create the password file. The name of the password file should be /etc/squid/squid_passwd, and you need to make sure that it's universally readable.
2) Use the htpasswd program to add users to the password file. You can add users at anytime without having to restart Squid. In this case, you add a username called www:
[root@bigboy tmp]# htpasswd /etc/squid/squid_passwd www
New password:
Re-type new password:
Adding password for user www
[root@bigboy tmp]#
3) Find your ncsa_auth file using the locate command.
4) Edit squid.conf; specifically, you need to define the authentication program in squid.conf, which is in this case ncsa_auth. Next, create an ACL named ncsa_users with the REQUIRED keyword that forces Squid to use the NCSA auth_param method you defined previously. Finally, create an http_access entry that allows traffic that matches the ncsa_users ACL entry. Here's a simple user authentication example; the order of the statements is important:
#
# Add this to the auth_param section of squid.conf
#
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
#
# Add this to the bottom of the ACL section of squid.conf
#
acl ncsa_users proxy_auth REQUIRED
#
# Add this at the top of the http_access section of squid.conf
#
http_access allow ncsa_users
and I also opened the iptables port
Quote:
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 3306 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5555 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8002 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9001 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp --dport 3128 -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
Trying to get a response on port 3128 through my browser. It should at least prompt me for a password but it just says no response.
Did you just edit the original squid.conf file which is around 4000 lines in order to activate what you need? Remember that Squid processes the entire file and mistakes are easily made when your file is that big.
Better idea is to move the original to another name (mv squid.conf squid.ori), create a new one (touch squid.conf) and just put the lines that are applicable to you in it. That way it's a lot easier to read and you'll still have the original file as a reference.
Am I to understand you got everything up and running now? If so, great job.
Did you just edit the original squid.conf file which is around 4000 lines in order to activate what you need? Remember that Squid processes the entire file and mistakes are easily made when your file is that big.
Better idea is to move the original to another name (mv squid.conf squid.ori), create a new one (touch squid.conf) and just put the lines that are applicable to you in it. That way it's a lot easier to read and you'll still have the original file as a reference.
Am I to understand you got everything up and running now? If so, great job.
Kind regards,
Eric
Well, I have http up and running on port 3128.
Now I need to forward port 80 to 3128 and set up SSL but I'll leave that for another day.
Could I also do cp /etc/squid/squid.conf /etc/squid.squid.ori
and then delete lines in the current one?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
