[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Squid help



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

William M. Quarles wrote:

| Hi,
|
| I'm trying to set up Squid on my computer, and it seems very difficult
| to get working.  Here is my log file from when it started:
|
| 2004/06/01 00:33:40| Starting Squid Cache version 2.5.STABLE3 for
| i386-redhat-linux-gnu...
| 2004/06/01 00:33:40| Process ID 9266
| 2004/06/01 00:33:40| With 1024 file descriptors available
| 2004/06/01 00:33:40| Performing DNS Tests...
| 2004/06/01 00:33:40| Successful DNS name lookup tests...
| 2004/06/01 00:33:40| DNS Socket created at 0.0.0.0, port 32798, FD 4
| 2004/06/01 00:33:40| Adding nameserver 205.152.144.23 from
/etc/resolv.conf
| 2004/06/01 00:33:40| Adding nameserver 205.152.132.23 from
/etc/resolv.conf
| 2004/06/01 00:33:40| User-Agent logging is disabled.
| 2004/06/01 00:33:40| Referer logging is disabled.
| 2004/06/01 00:33:40| Unlinkd pipe opened on FD 9
| 2004/06/01 00:33:40| Swap maxSize 131072 KB, estimated 10082 objects
| 2004/06/01 00:33:40| Target number of buckets: 504
| 2004/06/01 00:33:40| Using 8192 Store buckets
| 2004/06/01 00:33:40| Max Mem  size: 16384 KB
| 2004/06/01 00:33:40| Max Swap size: 131072 KB
| 2004/06/01 00:33:40| Rebuilding storage in /var/spool/squid (CLEAN)
| 2004/06/01 00:33:40| Using Least Load store dir selection
| 2004/06/01 00:33:40| Set Current Directory to /var/spool/squid
| 2004/06/01 00:33:40| Loaded Icons.
| 2004/06/01 00:33:40| Accepting HTTP connections at 0.0.0.0, port 3128,
| FD 10.
| 2004/06/01 00:33:40| Accepting ICP messages at 0.0.0.0, port 3130, FD 11.
| 2004/06/01 00:33:40| WCCP Disabled.
| 2004/06/01 00:33:40| Ready to serve requests.
|
| Are the 0.0.0.0's for the IP addresses normal operation?
|
| Thanks,
| William
|

William,

The 0.0.0.0 is usually normal.  It means that the service will accept
requests on any network interface.  A sort of global listen on all
interfaces.

Some system administrators will say this is BAD practice, but, it really
depends on your network setup as to how you may want to restrict access
to squid.  One good example, you may want to restrict access to a
specific network card (IP address/range) so sales people can get squid
access, but the engineering department (on another network/IP
address/range) to get no squid access.  And of course, the network card
attached to the outside Internet to have no squid access (this prevents
people from using your server as a caching jumping point for junk web
sites).

Even with all this, your iptables setup will also effect squid.

Thanks,
James Kosin


|


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFAvNVNc7lFLjBWKW0RAkDiAKCDvZ2BMKl4WMzq/OYGIf7X6Ko+DACePl2T
WTDqXehKH+h04YX4cN8dSQc=
=IWz7
-----END PGP SIGNATURE-----



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]