Page 1 of 1

squid starting problem

Posted: Tue Nov 06, 2007 2:29 am
by bachajamuraa
salamz
i want to start my cache squid server .. i have RHEL4
-----------
my squid setting
-------
http_port 3128
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 32 MB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap LFUDA
cache_dir ufs /cache 60000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /dev/null
emulate_httpd_log on
hosts_file /etc/hosts
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl all src 0.0.0.0/0.0.0.0
acl home src 192.168.0.0/255.255.255.0

acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_lcalhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow home
http_access allow localhost
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_reply_access allow all
icp_access allow all

cache_mgr webmaster@abc.com
cache_effective_user squid
visible_hostname abc.com

httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

logfile_rotate 32
memory_pools on
memory_pools_limit 100 MB
always_direct allow localhost
coredump_dir /cache1
ie_refresh on

---------------------------------------------------------------


~]# service squid start
Starting squid: audit(1194312183.696:38): avc: denied { getattr } for pid=6998 comm="squid" name="/" dev=hda2 ino=2 scontext=root:system_r:squid_t tcontext=system_u:object_r:file_t tclass=dir
...audit(1194312187.009:39): avc: denied { getattr } for pid=7036 comm="squid" name="/" dev=hda2 ino=2 scontext=root:system_r:squid_t tcontext=system_u:object_r:file_t tclass=dir
...audit(1194312190.322:40): avc: denied { getattr } for pid=7043 comm="squid" name="/" dev=hda2 ino=2 scontext=root:system_r:squid_t tcontext=system_u:object_r:file_t tclass=dir
.....audit(1194312194.450:41): avc: denied { getattr } for pid=7060 comm="squid" name="/" dev=hda2 ino=2 scontext=root:system_r:squid_t tcontext=system_u:object_r:file_t tclass=dir
...audit(1194312197.763:42): avc: denied { getattr } for pid=7067 comm="squid" name="/" dev=hda2 ino=2 scontext=root:system_r:squid_t tcontext=system_u:object_r:file_t tclass=dir
...... [FAILED]


--------------------------------
main jab apna service squid start karta hoon to ya error ata hai... main apni... cache_dir
/cache main karna chata hoo..... lakin start karta hoon squid to ya error ata hai...
jab main
cache_dir usf /cache 6000 32 256
ko khatam karta hoon to squid start hoo jata hai...

kia muje koi achay tariqay see guid kar sakta hai...

Posted: Tue Nov 06, 2007 3:56 am
by mudasir
AOA,

bhai jaan ap ek baar SELinux Disable kar kay , server restart kar kay try karo...let me know...
do the following
vi /etc/selinux/config

set
SELINUX=disabled
SELINUXTYPE=targeted


now restart your server...and then try....

Posted: Tue Nov 06, 2007 6:08 am
by bachajamuraa
thankz sir jeee.. hoo giya... lakin ... 4 MB ke file see zida .exe ka cache nahi kar raha hia....

Posted: Tue Nov 06, 2007 6:10 am
by bachajamuraa
lakin kia app muje ya bata sakteen hain k ya
vi /etc/selinux/config
SELINUX=disabled
to kar diya hia.. lakin main na 2 3 dafa linux dobara instal kar k dakhi.. ya kiun karna para muje disable.... bata sakta hain muje iss k baray main bateen plez

Posted: Tue Nov 06, 2007 12:11 pm
by zaigham_tt
It is necessary to disable firewall n SELINUX during installation while configuring ur services.. for clients and afterwads u can confiure ur firewall by urself according to ur desire.

SELINUX is enhanced Seurity Program

Max Object Size

Posted: Wed Nov 07, 2007 12:22 am
by x2oxen
bachajamuraa wrote:thankz sir jeee.. hoo giya... lakin ... 4 MB ke file see zida .exe ka cache nahi kar raha hia....



Bhai jaan aap isma maximum object size define kardo to aap jitna bara object chaho gai cache ho jai ga.

Code: Select all

maximum_object_size 50 MB


ye likhnay sa squid ki configuration ma 50 mb ki file bhi cache hogi ab. ap apni marzi sa file ka size rakh saktay ho :-p