Results 1 to 10 of 10

Thread: SQUID Proxy Server

  1. #1
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default SQUID Proxy Server

    I have just installed and configured (minimal configurations) SQUID proxy server. I've seen where I can setup rules uses IP or MAC addresses. Is there any way to use username and password? I am just browsing throught the documentation.

    Is there any authentication program which could be intergated with SQUID so that it can do user authentication?

  2. #2
    Join Date
    Aug 2002
    Posts
    1,257
    Rep Power
    0

    Default Re:SQUID Proxy Server

    [me=Tech_Guru]Says -- A Wise man once showed me the light --- www.freshmeat.net[/me]

    http://freshmeat.net/search/?q=squid...ction=projects

    Take a look @ http://freshmeat.net/projects/squidguard/?topic_id=253

  3. #3
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default Re:SQUID Proxy Server

    I had installed SQUID using rpms which does not allow ACLs to be formed using MAC addresses, so I am now reinstalling using tarball.

  4. #4
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default Re:SQUID Proxy Server

    I am trying to intialize Squid and to have it running but I am confused, documentation doesn't tell me about errors.

    How do I start squid as the cache_efective_user is set to squid as well as I have tried commenting it out.

    Help!!!

    squid -f squid.conf -z gives the following output
    2003/11/19 19:37:40| Creating Swap Directories
    FATAL: Failed to make swap directory etc/squid/var/cache/00: (13) Permission denied
    Squid Cache (Version 2.5.STABLE4): Terminated abnormally.
    CPU Usage: 0.000 seconds = 0.000 user + 0.000 sys
    Maximum Resident Size: 0 KB
    Page faults with physical i/o: 7

    .. Done

    What may be the problem.
    /etc/squid/bin/RunCache
    Running: squid -sY >> /etc/squid/var/squid.out 2>&1
    /etc/squid/bin/RunCache: line 35: 995 Aborted squid -NsY $conf >>$logdir/squid.out 2>&1
    RunCache: EXITING DUE TO REPEATED, FREQUENT FAILURES

    squid -f /etc/squid/etc/squid.conf -z
    2003/11/19 20:24:13| Creating Swap Directories

    tail -30 /etc/squid/var/logs/cache.log
    2003/11/19 20:22:19| Starting Squid Cache version 2.5.STABLE4 for i686-pc-linux-gnu...
    2003/11/19 20:22:19| Process ID 1721
    2003/11/19 20:22:19| With 1024 file descriptors available
    2003/11/19 20:22:19| Performing DNS Tests...
    2003/11/19 20:22:19| Successful DNS name lookup tests...
    2003/11/19 20:22:19| DNS Socket created at 0.0.0.0, port 1026, FD 5
    2003/11/19 20:22:19| Adding nameserver 196.3.191.26 from /etc/resolv.conf
    2003/11/19 20:22:19| Adding nameserver 186.3.191.6 from /etc/resolv.conf
    2003/11/19 20:22:19| Unlinkd pipe opened on FD 10
    2003/11/19 20:22:19| Swap maxSize 102400 KB, estimated 7876 objects
    2003/11/19 20:22:19| Target number of buckets: 393
    2003/11/19 20:22:19| Using 8192 Store buckets
    2003/11/19 20:22:19| Max Mem size: 8192 KB
    2003/11/19 20:22:19| Max Swap size: 102400 KB
    2003/11/19 20:22:19| /etc/squid/var/cache/00: (2) No such file or directory
    FATAL:    Failed to verify one of the swap directories, Check cache.log
       for details. Run 'squid -z' to create swap directories
       if needed, or if running Squid for the first time.
    Squid Cache (Version 2.5.STABLE4): Terminated abnormally.
    CPU Usage: 0.023 seconds = 0.012 user + 0.012 sys
    Maximum Resident Size: 0 KB
    Page faults with physical i/o: 301

  5. #5
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default Re:SQUID Proxy Server

    I sorted out all the that had to su - squid as well as give squid permissions on all the necessary files.

    As stated I used the tar ball for the ARP authentication but when I make a rule with ARP in it I get

    # squid --
    2003/11/20 14:08:40| squid.conf line 1744: acl ACLARP arp 00:03:47:c3:01:40
    2003/11/20 14:08:40| aclParseAclLine: Invalid ACL type 'arp'
    2003/11/20 14:08:40| squid.conf line 1770: http_access deny ACLARP
    2003/11/20 14:08:40| aclParseAccessLine: ACL name 'ACLARP' not found.
    2003/11/20 14:08:40| squid.conf line 1770: http_access deny ACLARP
    2003/11/20 14:08:40| aclParseAccessLine: Access line contains no ACL's, skipping
    [root@quota root]#
    I complied with --enable-arp-acl.

  6. #6
    Join Date
    Sep 2002
    Posts
    3,270
    Rep Power
    0

    Default Re:SQUID Proxy Server

    Normall I wouldn't bother helping here because you said you "browsed" through the documentation. When you do this, you usally miss "key points"
    Anyway, I assum you have to CONFIGURATION Manual

    * Configuration Manual for Squid 2.4 Stable x - This document provides a comprehensive explanation for ALL options for the 190+ configuration directives (used in the Squid 2.4 Stable-x squid.conf file).

    From here ?
    http://squid.visolve.com/

    For download and your own timely perusal...
    http://squid.visolve.com/squid24s1/squid24s1.pdf

    or
    if you have a internet connection thats always online...
    http://squid.visolve.com/squid24s1/contents.htm




  7. #7
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default Re:SQUID Proxy Server

    [quote author=GILLION link=board=8;threadid=2370;start=0#msg22967 date=1069357731]
    Normall I wouldn't bother helping here because you said you "browsed" through the documentation. When you do this, you usally miss "key points"
    Anyway, I assum you have to CONFIGURATION Manual

    * Configuration Manual for Squid 2.4 Stable x - This document provides a comprehensive explanation for ALL options for the 190+ configuration directives (used in the Squid 2.4 Stable-x squid.conf file).

    From here ?
    http://squid.visolve.com/

    For download and your own timely perusal...
    http://squid.visolve.com/squid24s1/squid24s1.pdf

    or
    if you have a internet connection thats always online...
    http://squid.visolve.com/squid24s1/contents.htm



    [/quote]
    I was browsing day before yesterday after Deakie refered me to this solution.

    I have gone throught the maual, as well I am using squid-2. 5. I have send two days going through this document.

    Now that I am writing I am wondering if it is the case I that the problem I am having might be because I am installing squid-2.5 using the documentation for 2.4.

    Furthermore this is a configuration document which only mention that you will have to compile with --enable-arp-acl. Do you know where I can find an installation document? Had a warm time jsut figuring out basic stuff that a HOWTO or other relevant installation instruction would have alleviated. Thank the Lord for google.

    In the meanwhile I will try and find squid-2.5 documentation or will download and use squid-2.4 instead.

    Thanx

  8. #8
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default Re:SQUID Proxy Server

    Seems like something is wrong with the Squid-2.5 that I had, the Squid-2.4.STABLE7 that I now have works perfectly, and I have not revised the documentation.

    I however seem to have my concepts skewed with respect to the actual working of the access list. I need to revist documetation. I have mannage to lock my MAC address out but removal of the rules to do so and even the definition along with a rebuilding of the cache still prevent me from connecting.

    With respect to IP address everything seem to be fine, just that I have DHCP, so that is useless to me.

    Thanks for the support, if you guys can enlighten my darkness with repect to MAC address please flip the switch. Until then I will to to 'see' through the docs.

    Godspeed

  9. #9
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default Re:SQUID Proxy Server

    Finally got it to work, MAC Address and all. I am just having some problems stoping, starting and rebuilding cache, but I will write some srits to take care of that after I have searched to see if I can find some inforamtion from the Internt on this. Software re-use ...

    I am now deciding whether to allow all legtimate users on the network thus denying all others or to explicitly deny unauthorized users thus allowing all others. I am thinking of the former at the moment, cause I think it makes for a more secure server as well as less than 1/4 of my users are allowed to access the internet.

    Respect

  10. #10
    Join Date
    Jul 2003
    Posts
    424
    Rep Power
    0

    Default Re:SQUID Proxy Server

    Okay. I have SQUID installed, configured and running. The username/password pair authentication using NCSA works beautifully. I can set session timeouts as well as prevent more than one user from using the same password at the same time.

    I have alot more to learn, especially with optimization.

    I would like to thank you all for the support in helping me achieve this.

    X

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •