LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Squid help (https://www.linuxquestions.org/questions/linux-software-2/squid-help-4175460050/)

moog7 04-29-2013 02:00 PM
Squid help
 
Hi,

Even though I have purged a URL from the squid cache, I still see the old page. For example I have a firewall that does content filtering and I've chosen to block www.domain.com. When a user goes to domain.com they will normally see a access denied page. However once I give this user access to the site, I still get the access denied page as before from squid.

If I take off the proxy settings for example, it works fine.

In my squid.conf I have:

acl PURGE method PURGE
http_access allow PURGE localhost
http_access deny PURGE

I entered this command: squidclient -h localhost -m PURGE http://www.domain.com/

and receive a HTTP 200 OK.

How do I get around this?

Thanks.

JSkywalker 04-30-2013 09:10 AM
your client (=webbrowser) also has a local cache. Did you try to clear that before re-trying to visit www.domain.com?

moog7 05-01-2013 12:38 PM
Quote:
Originally Posted by JSkywalker (Post 4941894)
your client (=webbrowser) also has a local cache. Did you try to clear that before re-trying to visit www.domain.com?
Yes I've tried deleting the browser cache. I've also cleared and rebuilt the squid cache but the problem remains.

JSkywalker 05-02-2013 12:10 PM
"However once I give this user access to the site, I still get the access denied page "
what changes do you make to your config for this?

"If I take off the proxy settings for example"
can you post your 'proxy settings'?

moog7 05-02-2013 05:00 PM
Quote:
Originally Posted by JSkywalker (Post 4943515)
"However once I give this user access to the site, I still get the access denied page "
what changes do you make to your config for this?

"If I take off the proxy settings for example"
can you post your 'proxy settings'?
I excluded the user's IP address from the content filter so that they can bypass the content filter. This is done on a hardware firewall.

The proxy settings is just the proxy server IP and port number which the browser uses by default. eg. 192.168.1.10:8000

JSkywalker 05-03-2013 11:39 AM
Your squid is running on different hardware than your client?
If so, than this line:
http_access allow PURGE localhost
is not good enough, it tells squid to only allow access from localhost.
change it to sometiing like (depending on you local ip-addressed):
acl PURGE src 192.168.0.0/24
This will give access to all ip-addresses from 192.168.0.1 - 192.168.0.254

moog7 05-08-2013 04:33 PM
Quote:
Originally Posted by JSkywalker (Post 4944273)
Your squid is running on different hardware than your client?
If so, than this line:
http_access allow PURGE localhost
is not good enough, it tells squid to only allow access from localhost.
change it to sometiing like (depending on you local ip-addressed):
acl PURGE src 192.168.0.0/24
This will give access to all ip-addresses from 192.168.0.1 - 192.168.0.254


I added the acl PURGE src 192.168.0.0/24 and removed http_access allow PURGE localhost in squid.conf but squid failed when I tried to restart it. :scratch:

JSkywalker 05-09-2013 05:10 AM
hmmmz, i wonder why i typed "acl PURGE src 192.168.0.0/24", and thinking what that could mean.....

But if your network is configured using a different ip-address-range, than you need to CHANGE this line.

And, when you restart squid, and it " failed when I tried to restart it", it would be nice to have the details on why it did not restart, the details are somewhere in a logfile.....


All times are GMT -5. The time now is 03:16 AM.