Proxy Squid

Issues related to configuring your network
Post Reply
calad03
Posts: 5
Joined: 2007/02/22 12:17:17
Contact:

Proxy Squid

Post by calad03 » 2007/03/19 10:19:06

Hello
I have a problem with squid and I don't know how to solve it.
I have the next config
[quote]
http_port 10.6.64.30:8080
cache_peer 10.1.0.51 parent 8080 3130 no-query no-digest
cache_mem 100 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 3096 KB
minimum_object_size 0 KB
cache_replacement_policy lru
memory_replacement_policy lru
cache_dir ufs /var/spool/squid 10000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
debug_options ALL,1
dns_nameservers 127.0.0.1
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm use_ntlm_negotiate off
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm use_ntlm_negotiate off
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
forward_timeout 1 minutes
peer_connect_timeout 30 seconds
persistent_request_timeout 1 minute

acl comercial src 10.6.64.0/255.255.255.0
acl tribunal src 10.6.60.0/255.255.255.0
acl nepermis src 0.0.0.0/0.0.0.0
acl all src 0.0.0.0/0.0.0.0
acl interzis url_regex "/etc/squid/situri.txt"
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http

http_access deny interzis
http_access allow comercial
http_access allow tribunal
http_access allow Safe_ports
http_access deny nepermis
cache_effective_user squid
cache_effective_group squid
store_avg_object_size 500 KB
useragent_log /var/log/squid/useri.log
connect_timeout 30 second
[/quote]
Problem apper when I try to open a file directly from website. I take's to long to open it and I get an timeout error, if I save the file localy is working.
What to modify ?
Thanks

pjwelsh
Posts: 2620
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Proxy Squid

Post by pjwelsh » 2007/03/19 15:42:41

[quote]Problem apper when I try to open a file directly from website. I take's to long to open it and I get an timeout error, if I save the file localy is working.
What to modify ? [/quote]

Please describe what you mean and what is trying to download/fail and what is working... How do you save the file if you can't get it directly?

calad03
Posts: 5
Joined: 2007/02/22 12:17:17
Contact:

Re: Proxy Squid

Post by calad03 » 2007/03/20 06:46:02

Hi,
Well if I click on the file to open it directly from a website it fails
If I do a right click and save the file is working and I can open the file.
Hope to understand ...

pjwelsh
Posts: 2620
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: Proxy Squid

Post by pjwelsh » 2007/03/20 22:24:43

Does clicking on the link just not open the application you expect? The click or rt-click->save download the same way. The click will try to open a help app (like acroread, openoffice etc).

calad03
Posts: 5
Joined: 2007/02/22 12:17:17
Contact:

Re: Proxy Squid

Post by calad03 » 2007/03/21 06:18:43

HI,
I make it to work, It was something from the time period that squid keep the connection alive.
But now I have another problem...when I try to open a page on port 443 (https page) I get an error.

pjwelsh
Posts: 2620
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: Proxy Squid

Post by pjwelsh » 2007/03/21 13:15:33

Are you going to make me read your mind to find out the error? :-P :lol:

calad03
Posts: 5
Joined: 2007/02/22 12:17:17
Contact:

Re: Proxy Squid

Post by calad03 » 2007/03/21 20:55:16

Sorry,
I get an time out error for pages that goes to port 443
In my config i don't use any time setting because I get access using another proxy server to wich I don't have access.
If I use the first proxy server I can open any pages even the one on port 443. If I use the second server (my server) when I try to open a https pages I get the time out error.
Please help

pjwelsh
Posts: 2620
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: Proxy Squid

Post by pjwelsh » 2007/03/21 21:13:57

Since you squid.conf seems to allow 443 as part of the "safe_ports" I would bet that you are not using the proxy for https in you browser.

calad03
Posts: 5
Joined: 2007/02/22 12:17:17
Contact:

Re: Proxy Squid

Post by calad03 » 2007/03/26 05:26:19

and how can I do that ?
But, if https doesn't pass thru my proxy, it meens that go directly thru the second proxy server.
it doesn't work only when I go out thru my proxy server.


pc ----- squid[2] -------squid[1]------internet = is not working
pc -----squid [1] ------ internet = is working

Post Reply

Return to “CentOS 4 - Networking Support”