next »

[Ricky]

General Information:

I using a PC with Fedora FC3 installed.  Squid 2.5 Stable came built with this distro.

My problem:

The default cache dir is /var/spool/squid.  Unfortunately /var is mounted on a much smaller partition than I want to use for squid.  So I wanted to move the cache dir to /usr/local/squid, which is on a partition with ample space.  After consulting with many web forums concerning SQUID configuraiton, I manually created the directory: /usr/local/squid, and then used chown to give 'squid' user and group onwership of the newly created directory  I then gave 755 perms to the /usr/local/squid directory.

Why you have to move whole squid ? Well.. keeo every thing at there old place and keep it simple and straight.. The only thing you have to edit is squid.conf and there you can edit following

Code:

cache_dir ufs /anydirectoryyouwant 2048 22 256

Here just specify any directory you and make the squid as it owner. Hope you understand it.

[keever]

... but I knew how to specify a different cache directory.  The problem was that I couldnt' initalize the directory becuase it didn't have the right perms.  I thought chmod 755 on /usr/local/squid would do it, but it still failed.  The correct solution was to change the perms not only and the newly specified cache directory but also /var/log/squid dir.

this is what worked.


#chmod -R 777 /usr/local/squid/*
#chmod -R 777 /usr/local/squid
#chmod -R 777 /var/log/squid/*
#chmod -R 777 /var/log/squid

[mr.fixit]

hi

i m new in this forum. so hi to every body.

i have a problem to make my proxy transparent. i read this post and done every thing as said in this post. but browsing in not started but working using proxy name & port.

My proxy is not auto starting on reboot.

thanks

[Ricky]

fixit>
If you are not able to make it transparent then may be your NAT is not working fine, as you said squid is not started on startup then I suspect your NAT script is also not executed at startup.
See if it has "execute" permission or not.

[mr.fixit]

hi Ricky

thanks for replying.

this is my rc.nat

{iptables=/sbin/iptables


iptables --flush -t nat


echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 80}

and permissions are 755.
but still transparent is still not working.
i read another how to about transparent and add a script in /etc/rc.d/init.d/squid

#!/bin/bash
PATH=/usr/bin:/sbin:/bin:/usr/sbin
export PATH

. /etc/rc.d/init.d/functions

. /etc/sysconfig/network

[ ${NETWORKING} = "no" ] && exit 0

[ -f /etc/squid/squid.conf ] || exit 0

[ -f /usr/sbin/squid ] && SQUID=squid
[ -z "$SQUID" ] && exit 0

CACHE_SWAP=`sed -e 's/#.*//g' /etc/squid/squid.conf | \
grep cache_dir | sed -e 's/cache_dir//' | \
cut -d ' ' -f 2`
[ -z "$CACHE_SWAP" ] && CACHE_SWAP=/var/spool/squid

SQUID_OPTS="-D"

RETVAL=0
case "$1" in

start)
   echo -n "Starting $SQUID: "
   for adir in $CACHE_SWAP; do
   if [ ! -d $adir/00 ] ; then
   echo -n "init_cache_dir $adir... "
   $SQUID -z -F 2>/dev/null
   fi
   done
   $SQUID SQUID_OPTS &
   RETVAL=$?
   echo $SQUID
   [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SQUID
   ;;


stop)
   echo -n "Stopping $SQUID: "
   $SQUID -k shutdown &
   RETVAL=$?
   if [ $RETVAL -eq 0 ] ; then
   rm -f /var/lock/subsys/$SQUID
   while : ; do
   [ -f /var/run/squid.pid ] || break
   sleep 2 && echo -n "."
   done
   echo "done"
   else
   echo
   fi
   ;;

reload)
   $SQUID $SQUID_OPTS -k reconfigure
   exit $?
   ;;


restart)
   $0 stop
   $0 start
   ;;

status)
   status $SQUID
   $SQUID -k check
   exit $?
   ;;

probe)
   exit 0;
   ;;

*)
   echo "Usage: $0 {start|stop|status|reload|restart}"
   exit 1
   esac
   exit $RETVAL
and my squid.conf is

[Ricky]

That script has nothing to do with transparent proxy, that one only helps you to operate squid easily.

Anyways. as I suspected, you are not having NAT at all..

you have to do simple internet connection sharing also.

See this iptables internet connection sharing
Add masquerade first and then add redirection rule.

[mr.fixit]

hi Ricky

thanks again

my transparent is working now but mirc is not working.
my boss is using emule or edonkey that is also not working.
plz guid me.

thanks

[Ricky]

Configure both of things to connect directly, not via squid.

[mr.fixit]

Hi Ricky

my transparent proxy is running very well. i m facing a problem. voice chat on yahoo or msn is not connecting on clients behind that proxy.

what will u suggest?

thanks

[Ricky]

well, those do not work most of the time behind proxy, try tracing the ports used by voice chat and then see if they are allowed in proxy or not.

[avadhut]

I am running SQUID Proxy on Redhat 9 Linux. But I am unable to get my POP3 mails through Outlook Express on my Client machine, which is having Win2000. Which Port are used for connecting to POP3 & SMTP mail server? What is the configuration for it(on Linux & Windows). Please help.
Thanks
Regards
avadhut

[ilias]

Hi

If u are planning to use outlook/outlook express with simple squid proxy, it is better to configure proxy as transparent. You can find the how to tutorial of configuring transparent proxy. By the way for your satisfaction you can try to open ports 25 and 110 for SMTO and Pop3. in squid.conf.

[Austin]

Hello this is my first post on the forum and I have been visiting it often for help , Thanks for make this wonderful forum.

I need some help in configuring transparent squid on single machine ie with a single NIC connected to network with fixed ip

I have configured squid as a transparent proxy server the following are changes I have made to the squid configuration file from the default

My machine IP is 164.99.12.14 on which squid is running

acl novell_network src 164.99.12.0/24
http_access allow novell_network

httpd_accel_host vertual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
http_port 3128

I checked the configuration adding the IP and Port in the browser and it works fine

Now to make transparent proxy work I use the iptables command  

iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 3128

well it seems browsing completely stops after that

What is that I am doing wrong ??

Thanks

Regards
Austin

[Ricky]

sorry for late reply, I am away from computers .
This is because you can't do NAT on single NIC .. you need to have two or more nic to do packet forwarding.

Hope you understand

[Austin]

Hi Ricky , Thanks for the reply , Yes indeed I figured that out a little late  

   Recommend LS
   Linux User Around