You are not logged in.
Ive just been playing with squid and its all set up to allow connections from anywhere, it all works after Ive set everything up, but it doesn't seem to work properly after a fresh boot of the PC its on.
So I have enabled squid service, and it apparently starts up 100% from its status after a PC reboot, but nothing is able to connect/use the proxy until I manually restart squid.service on the PC its on, then everything works 100%. There isn't much in journalctl.
Any ideas?
I have shorewall setup aswell. Allowing port 3128 which is what squid is on.
edit:
It wont work from a laptop with windows, nor from two iPads, I don't get the squid error page, I just get a chromium error.
**new edit:
just rebooted and got error with 'no DNS records' from squid on the laptop, then restarted squid and things worked immediately afterwards.
squid.conf:
#
# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
#http_access deny all
#Allow acces
http_access allow all
# Squid normally listens to port 3128
http_port 3128
# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /var/cache/squid 2560 16 256
# Leave coredumps in the first cache dir
coredump_dir /var/cache/squid
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
dns_defnames on
minimum_object_size 1 KB
maximum_object_size 1024 MB
russell-server% sudo cat /etc/squid/squid.conf
#
# Recommended minimum configuration:
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
#
# Recommended minimum Access Permission configuration:
#
# Deny requests to certain unsafe ports
http_access deny !Safe_ports
# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# Only allow cachemgr access from localhost
http_access allow localhost manager
http_access deny manager
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost
# And finally deny all other access to this proxy
#http_access deny all
#Allow acces
http_access allow all
# Squid normally listens to port 3128
http_port 3128
# Uncomment and adjust the following to add a disk cache directory.
cache_dir ufs /var/cache/squid 2560 16 256
# Leave coredumps in the first cache dir
coredump_dir /var/cache/squid
#
# Add any of your own refresh_pattern entries above these.
#
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
dns_defnames on
minimum_object_size 1 KB
maximum_object_size 1024 MBme restarting squid:
Oct 13 13:13:16 russell-server sudo[1577]: jason : TTY=pts/0 ; PWD=/home/jason ; USER=root ; COMMAND=/usr/bin/systemctl restart squid.service
Oct 13 13:13:16 russell-server sudo[1577]: pam_unix(sudo:session): session opened for user root by jason(uid=0)
Oct 13 13:13:16 russell-server systemd[1]: Stopping Web Proxy Cache Server...
Oct 13 13:13:17 russell-server squid[304]: Preparing for shutdown after 65 requests
Oct 13 13:13:17 russell-server squid[304]: Waiting 30 seconds for active connections to finish
Oct 13 13:13:17 russell-server squid[304]: Closing HTTP port [::]:3128
Oct 13 13:13:17 russell-server squid[304]: Shutdown: NTLM authentication.
Oct 13 13:13:17 russell-server squid[304]: Shutdown: Negotiate authentication.
Oct 13 13:13:17 russell-server squid[304]: Shutdown: Digest authentication.
Oct 13 13:13:17 russell-server squid[304]: Shutdown: Basic authentication.
Oct 13 13:13:17 russell-server systemd[1]: Starting Web Proxy Cache Server...
Oct 13 13:13:19 russell-server squid[1584]: Squid Parent: will start 1 kids
Oct 13 13:13:19 russell-server squid[1584]: Squid Parent: (squid-1) process 1586 started
Oct 13 13:13:19 russell-server systemd[1]: PID file /run/squid.pid not readable (yet?) after start.
Oct 13 13:13:20 russell-server squid[1586]: Starting Squid Cache version 3.3.9 for x86_64-unknown-linux-gnu...
Oct 13 13:13:20 russell-server squid[1586]: Process ID 1586
Oct 13 13:13:20 russell-server squid[1586]: Process Roles: worker
Oct 13 13:13:20 russell-server squid[1586]: With 1024 file descriptors available
Oct 13 13:13:20 russell-server squid[1586]: Initializing IP Cache...
Oct 13 13:13:20 russell-server squid[1586]: DNS Socket created at [::], FD 8
Oct 13 13:13:20 russell-server squid[1586]: DNS Socket created at 0.0.0.0, FD 9
Oct 13 13:13:20 russell-server squid[1586]: Adding nameserver 8.8.8.8 from /etc/resolv.conf
Oct 13 13:13:20 russell-server squid[1586]: Logfile: opening log daemon:/var/log/squid/access.log
Oct 13 13:13:20 russell-server squid[1586]: Logfile Daemon: opening log /var/log/squid/access.log
Oct 13 13:13:20 russell-server squid[1586]: Unlinkd pipe opened on FD 15
Oct 13 13:13:20 russell-server squid[1586]: Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
Oct 13 13:13:20 russell-server squid[1586]: Store logging disabled
Oct 13 13:13:20 russell-server squid[1586]: Swap maxSize 2621440 + 262144 KB, estimated 221814 objects
Oct 13 13:13:20 russell-server squid[1586]: Target number of buckets: 11090
Oct 13 13:13:20 russell-server squid[1586]: Using 16384 Store buckets
Oct 13 13:13:20 russell-server squid[1586]: Max Mem size: 262144 KB
Oct 13 13:13:20 russell-server squid[1586]: Max Swap size: 2621440 KB
Oct 13 13:13:20 russell-server squid[1586]: Rebuilding storage in /var/cache/squid (dirty log)
Oct 13 13:13:20 russell-server squid[1586]: Using Least Load store dir selection
Oct 13 13:13:20 russell-server squid[1586]: Set Current Directory to /var/cache/squid
Oct 13 13:13:20 russell-server squid[1586]: Loaded Icons.
Oct 13 13:13:20 russell-server squid[1586]: HTCP Disabled.
Oct 13 13:13:20 russell-server squid[1586]: Squid plugin modules loaded: 0
Oct 13 13:13:20 russell-server squid[1586]: Adaptation support is off.
Oct 13 13:13:20 russell-server squid[1586]: Accepting HTTP Socket connections at local=[::]:3128 remote=[::] FD 18 flags=9
Oct 13 13:13:20 russell-server sudo[1577]: pam_unix(sudo:session): session closed for user root
Oct 13 13:13:20 russell-server systemd[1]: squid.service: Supervising process 1586 which is not our child. We'll most likely not notice when it exits.
Oct 13 13:13:20 russell-server systemd[1]: Started Web Proxy Cache Server.
Oct 13 13:13:20 russell-server squid[1586]: Done reading /var/cache/squid swaplog (1357 entries)
Oct 13 13:13:20 russell-server squid[1586]: Finished rebuilding storage from disk.
Oct 13 13:13:20 russell-server squid[1586]: 1305 Entries scanned
Oct 13 13:13:20 russell-server squid[1586]: 0 Invalid entries.
Oct 13 13:13:20 russell-server squid[1586]: 0 With invalid flags.
Oct 13 13:13:20 russell-server squid[1586]: 1253 Objects loaded.
Oct 13 13:13:20 russell-server squid[1586]: 0 Objects expired.
Oct 13 13:13:20 russell-server squid[1586]: 52 Objects cancelled.
Oct 13 13:13:20 russell-server squid[1586]: 0 Duplicate URLs purged.
Oct 13 13:13:20 russell-server squid[1586]: 0 Swapfile clashes avoided.
Oct 13 13:13:20 russell-server squid[1586]: Took 0.04 seconds (31498.24 objects/sec).
Oct 13 13:13:20 russell-server squid[1586]: Beginning Validation Procedure
Oct 13 13:13:20 russell-server squid[1586]: Completed Validation Procedure
Oct 13 13:13:20 russell-server squid[1586]: Validated 1253 Entries
Oct 13 13:13:20 russell-server squid[1586]: store_swap_size = 24112.00 KB
Oct 13 13:13:21 russell-server squid[1586]: storeLateRelease: released 0 objectsmore squid from journalctl
russell-server% sudo journalctl -b -u squid
-- Logs begin at Sun 2013-07-14 15:12:27 SAST, end at Sun 2013-10-13 13:18:44 SAST. --
Oct 13 13:10:27 russell-server systemd[1]: Starting Web Proxy Cache Server...
Oct 13 13:10:32 russell-server squid[302]: Squid Parent: will start 1 kids
Oct 13 13:10:32 russell-server squid[302]: Squid Parent: (squid-1) process 304 started
Oct 13 13:10:32 russell-server systemd[1]: PID file /run/squid.pid not readable (yet?) after start.
Oct 13 13:10:32 russell-server squid[304]: Starting Squid Cache version 3.3.9 for x86_64-unknown-linux-gnu...
Oct 13 13:10:32 russell-server squid[304]: Process ID 304
Oct 13 13:10:32 russell-server squid[304]: Process Roles: worker
Oct 13 13:10:32 russell-server squid[304]: With 1024 file descriptors available
Oct 13 13:10:32 russell-server squid[304]: Initializing IP Cache...
Oct 13 13:10:32 russell-server squid[304]: DNS Socket created at [::], FD 8
Oct 13 13:10:32 russell-server squid[304]: DNS Socket created at 0.0.0.0, FD 9
Oct 13 13:10:32 russell-server squid[304]: Warning: Could not find any nameservers. Trying to use localhost
Oct 13 13:10:32 russell-server squid[304]: Please check your /etc/resolv.conf file
Oct 13 13:10:32 russell-server squid[304]: or use the 'dns_nameservers' option in squid.conf.
Oct 13 13:10:33 russell-server squid[304]: Logfile: opening log daemon:/var/log/squid/access.log
Oct 13 13:10:33 russell-server squid[304]: Logfile Daemon: opening log /var/log/squid/access.log
Oct 13 13:10:33 russell-server squid[304]: Unlinkd pipe opened on FD 15
Oct 13 13:10:33 russell-server squid[304]: Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
Oct 13 13:10:33 russell-server squid[304]: Store logging disabled
Oct 13 13:10:33 russell-server squid[304]: Swap maxSize 2621440 + 262144 KB, estimated 221814 objects
Oct 13 13:10:33 russell-server squid[304]: Target number of buckets: 11090
Oct 13 13:10:33 russell-server squid[304]: Using 16384 Store buckets
Oct 13 13:10:33 russell-server squid[304]: Max Mem size: 262144 KB
Oct 13 13:10:33 russell-server squid[304]: Max Swap size: 2621440 KB
Oct 13 13:10:34 russell-server squid[304]: Rebuilding storage in /var/cache/squid (dirty log)
Oct 13 13:10:34 russell-server squid[304]: Using Least Load store dir selection
Oct 13 13:10:34 russell-server squid[304]: Set Current Directory to /var/cache/squid
Oct 13 13:10:34 russell-server squid[304]: Loaded Icons.
Oct 13 13:10:34 russell-server squid[304]: HTCP Disabled.
Oct 13 13:10:34 russell-server squid[304]: Squid plugin modules loaded: 0
Oct 13 13:10:34 russell-server squid[304]: Adaptation support is off.
Oct 13 13:10:34 russell-server squid[304]: Accepting HTTP Socket connections at local=[::]:3128 remote=[::] FD 18 flags=9
Oct 13 13:10:34 russell-server systemd[1]: squid.service: Supervising process 304 which is not our child. We'll most likely not notice when it exits.
Oct 13 13:10:34 russell-server systemd[1]: Started Web Proxy Cache Server.
Oct 13 13:10:34 russell-server squid[304]: Done reading /var/cache/squid swaplog (1358 entries)
Oct 13 13:10:34 russell-server squid[304]: Finished rebuilding storage from disk.
Oct 13 13:10:34 russell-server squid[304]: 1305 Entries scanned
Oct 13 13:10:34 russell-server squid[304]: 1 Invalid entries.
Oct 13 13:10:34 russell-server squid[304]: 0 With invalid flags.
Oct 13 13:10:34 russell-server squid[304]: 1253 Objects loaded.
Oct 13 13:10:34 russell-server squid[304]: 0 Objects expired.
Oct 13 13:10:34 russell-server squid[304]: 52 Objects cancelled.
Oct 13 13:10:34 russell-server squid[304]: 0 Duplicate URLs purged.
Oct 13 13:10:34 russell-server squid[304]: 0 Swapfile clashes avoided.
Oct 13 13:10:34 russell-server squid[304]: Took 0.24 seconds (5179.53 objects/sec).
Oct 13 13:10:34 russell-server squid[304]: Beginning Validation Procedure
Oct 13 13:10:34 russell-server squid[304]: Completed Validation Procedure
Oct 13 13:10:34 russell-server squid[304]: Validated 1253 Entries
Oct 13 13:10:34 russell-server squid[304]: store_swap_size = 24112.00 KB
Oct 13 13:10:34 russell-server squid[304]: storeLateRelease: released 0 objects
Oct 13 13:13:16 russell-server systemd[1]: Stopping Web Proxy Cache Server...
Oct 13 13:13:17 russell-server squid[304]: Preparing for shutdown after 65 requests
Oct 13 13:13:17 russell-server squid[304]: Waiting 30 seconds for active connections to finish
Oct 13 13:13:17 russell-server squid[304]: Closing HTTP port [::]:3128
Oct 13 13:13:17 russell-server squid[304]: Shutdown: NTLM authentication.
Oct 13 13:13:17 russell-server squid[304]: Shutdown: Negotiate authentication.
Oct 13 13:13:17 russell-server squid[304]: Shutdown: Digest authentication.This stands out:
Oct 13 13:10:32 russell-server squid[304]: DNS Socket created at [::], FD 8
Oct 13 13:10:32 russell-server squid[304]: DNS Socket created at 0.0.0.0, FD 9
Oct 13 13:10:32 russell-server squid[304]: Warning: Could not find any nameservers. Trying to use localhost
Oct 13 13:10:32 russell-server squid[304]: Please check your /etc/resolv.conf file
Oct 13 13:10:32 russell-server squid[304]: or use the 'dns_nameservers' option in squid.conf.and everything works 100% when I use the 'dns_nameservers' option in squid.conf.
Squid must start once netctl has started? or after my nameservers are in /etc/resolve.conf?
Last edited by jrussell (2013-10-13 11:26:20)
bitcoin: 1G62YGRFkMDwhGr5T5YGovfsxLx44eZo7U
Offline