On 06/06/11 11:55, MrNicholsB wrote:
> Squid is caching content, but it is NOT serving cache to my clients and
> frankly its driving me nuts, I dont need a 101 on squid, I just need a
> basic conf. I wish the devs would include a basic transparent cache
> proxy conf with squid to save noobs like me the trouble. My clients are
(rant warning)
We can't bundle it.
* This TCP hijacking is no topic for "noobs" as you put it.
* "transparent" rides a fine line of legality in most of the world.
Just like downloading MP3s and AVIs, everybody "noob" tries it anyway.
We do distribute the 19 configs via the wiki.
* http://wiki.squid-cache.org/ConfigExamples/#Interception
as you can see; a different config for every device, firewall software,
and firewall feature on the market. That list is also only for the
common ones we get told about.
/rant
> MANUALLY aimed at the proxy at port 3128, they can surf just fine, so
good. Problem worked around then. Time to relax before looking at
alternatives calmly.
> NAT is NOT required on the box, I just need a conf that actually WORKS.
Good. Lets keep it completely out of the picture until the caching bit
is figured out.
> This is getting absurd, I dont understand why its not serving up cached
> content, I download ANYTHING you know 13mb exe files from a site, then
> go download the same file on another pc and BAM!! fresh content NOT
Ah, there is a sign that (a) the PC are each asking for different
content (one URL has multiple "variants" in HTTP), or (b) the server is
producing different content for each unique client.
Once you have a recent enough version of Squid we can give you debug
settings to log the headers and see what is going on.
> served from the cache, wtf am I doing wrong here!?!?!?!
Still doing all this with 3.0.STABLE1 ? yes/no ?
Caching behaviour and HTTP compliance has undergone a LOT of good
changes since then.
>
> Ive tried several confs and they all FAIL to actually serve up cache,
> below is my latest attempt.
>
> http_port 3128 transparent
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> acl apache rep_header Server ^Apache
> access_log /var/log/squid3/access.log squid
> hosts_file /etc/hosts
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563 # https, snews
> acl SSL_ports port 873 # rsync
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl Safe_ports port 631 # cups
> acl Safe_ports port 873 # rsync
> acl Safe_ports port 901 # SWAT
> acl purge method PURGE
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access allow purge localhost
> http_access deny purge
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access allow localhost
> acl lan src 10.10.1.0/24
> http_access allow localhost
> http_access allow lan
> http_access deny all
> http_reply_access allow all
> icp_access allow all
> visible_hostname katmai.local
> always_direct allow all
> coredump_dir /var/spool/squid3
> cache_dir ufs /var/spool/squid3 20000 32 256
> maximum_object_size 200 MB
> maximum_object_size_in_memory 50 MB
>
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.8 and 3.1.12.2Received on Mon Jun 06 2011 - 04:30:34 MDT
This archive was generated by hypermail 2.2.0 : Mon Jun 06 2011 - 12:00:02 MDT