squid

aigartua · 12-19-2002, 08:33 PM

I have redhat 8 with kernel 2.4.20 and i made a compilation of squid-2.5.STABLE1 with the following parameters: CC="gcc" \
CFLAGS="-O3 -march=i686 -mcpu=i686 -funroll-
./configure \
--prefix=/usr \
--exec-prefix=/usr \
--bindir=/usr/sbin \
--libexecdir=/usr/lib/squid \
--localstatedir=/var \
--sysconfdir=/etc/squid \
--enable-delay-pools \
--enable-cache-digests \
--enable-poll \
--disable-ident-lookups \
--enable-truncate \
--enable-removal-policies=”heap” \
--enable-auth-modules=”PAM”
--enable-xmalloc-statistics \
--enable-cachemgr-hostname=www \
--enable-linux-netfilter \
--enable-stacktraces

after i made make install, i made my scripts and at this point all work fine.

i start the service y when a try navigate from a client i recive this error:

socket error
(98) address alredy in use

i havent any services in my box, i just have ssh, sunrpc and squid

i try recompiling squid without any parameters and its the same.

i have 1 week try but nothing works, anybody can help me? any idea? please

DavidPhillips · 12-19-2002, 11:08 PM

what port are you trying to run it on?
3128 is the default

try this

Code:

netstat -a --numeric-ports | grep 3128

aigartua · 12-20-2002, 09:12 AM

I try in ports 8080, 80, 3128, etc, allways is the same problem

DavidPhillips · 12-20-2002, 09:18 AM

is portmapper running?

what did netstat show on those ports?

aigartua · 12-20-2002, 09:32 AM

Netstat report with squid running:

tcp 0 0 192.168.0.1:3128 0.0.0.0:* LISTEN

whith squid shutdown:

nothing

about portmapper, who i check if is running? i made rpm -qi portmapper but didn´t work

DavidPhillips · 12-20-2002, 10:00 AM

so squid is running, does it work?

try

netstat -a

see if that process that's running on port 3128 is squid
also you don't want to run squid on port 80
you should just run it on port 3128 and
setup a transparent proxy with iptables

/etc/squid/squid.conf

Code:

acl QUERY urlpath_regex cgi-bin \?

no_cache deny QUERY

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443 563	# https, snews
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 777		# multiling http
acl CONNECT method CONNECT

acl lan1 src 192.168.0.0/255.255.255.0
acl lan2 src 192.168.1.0/255.255.255.0

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow lan1
http_access allow lan2

http_access allow localhost
http_access deny all

icp_access allow all

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

iptables rules for squid transparent proxy
ppp0 is for dial up clients if you have a dialup server
the eth0 and eth1 would be internal lan ( see lan1 and lan2 in acl list )

Code:

$IPTABLES -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
$IPTABLES -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
$IPTABLES -A PREROUTING -t nat -i ppp0 -p tcp --dport 80 -j REDIRECT --to-port 3128

aigartua · 12-20-2002, 10:29 AM

Hi DavidPhillips, thanks for you time

with your squid.conf file when i start the service shows the word ok, but if i use netstat -a it don´t show the service squid and when i use /etc/rc.d/init.d/squid status show me: squid deade but subsys locked, squid: ERROR: No running copy

with my squid.conf file the service start and netstat -a showme the service and squid status too, this is my file:

icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 42 MB
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir ufs /var/lib/squid 200 16 256
acl localnet src 192.168.1.0/255.255.255.0
acl localhost src 127.0.0.1/255.255.255.255
acl Safe_ports port 80 443 210 70 21 1025-65535
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
http_access allow localnet
http_access allow localhost
http_access deny !Safe_ports
http_access deny CONNECT
http_access deny all
cache_mgr root
cache_effective_user squid
cache_effective_group squid
logfile_rotate 0
log_icp_queries off
cachemgr_passwd my-secret-pass all
buffered_logs on

DavidPhillips · 12-20-2002, 10:51 AM

it's strange that it won't work, I can't see why there would be a problem, maybe apache is running. You can check the squid log files.

So, what your original problem was trying to say is the client is generating the error?

Quote:

i start the service y when a try navigate from a client i recive this error:

socket error
(98) address alredy in use

DavidPhillips · 12-20-2002, 10:55 AM

as far as portmap goes

chkconfig --list portmap
portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off

service portmap status
portmap (pid 944) is running...

aigartua · 12-20-2002, 10:59 AM

The problem is that squid send the error to all the clients, all the message is:

ERROR
The requested URL could not be retrieved
While trying to retrieve the URL: http://home.netscape.com/bookmark/6_0/homebutton.html
The following error was encountered:
Socket Failure
The system returned:
(98) Address already in use
Squid is unable to create a TCP socket, presumably due to excessive load. Please retry your request.
Your cache administrator is root.
(squid/2.5.STABLE1-20021214)

i think that the error is from squid

aigartua · 12-20-2002, 11:24 AM

the comand chkconfig --list portmap show:

portmap 0

ff 1:0ff 2

ff 3

n 4

n 5

n 6

n

/etc/init.d/portmap status show:

portmap (pid 457) is running...

aigartua · 12-20-2002, 11:25 AM

the comand chkconfig --list portmap show:

portmap 0: 0ff 1: 0ff 2: off 3: on 4: on 5: on 6: on

/etc/init.d/portmap status show:

portmap (pid 457) is running...

DavidPhillips · 12-20-2002, 01:12 PM

Have you checked the log files in /var/log/squid

aigartua · 12-20-2002, 01:23 PM

the cache.log file contains:

Starting Squid Cache version 2.5.STABLE1-20021214 for i586-pc-linux-gnu...
Process ID 628
With 1024 file descriptors available
DNS Socket created at 0.0.0.0, port 16384, FD 5
Adding nameserver 172.16.0.1 from /etc/resolv.conf
Unlinkd pipe opened on FD 10
Swap maxSize 204800 KB, estimated 15753 objects
Target number of buckets: 787
Using 8192 Store buckets
Max Mem size: 43008 KB
Max Swap size: 204800 KB
Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
Rebuilding storage in /var/lib/squid (CLEAN)
Using Least Load store dir selection
Current Directory is /root
Loaded Icons.
Accepting HTTP connections at 192.0.0.9, port 80, FD 11.
WCCP Disabled.
Ready to serve requests.
commBind: Cannot bind socket FD 13 to *:0: (98) Address already in use
commBind: Cannot bind socket FD 13 to *:0: (98) Address already in use

DavidPhillips · 12-20-2002, 01:48 PM

not sure but if you put it at default config it will likely work

you are running it on port 80 it looks like, and it's saying some other ip address that it's binded to.

what do you have in /etc/services

Accepting HTTP connections at 0.0.0.0, port 3128, FD 11