From owner-freebsd-questions Tue Apr 11 5:37:17 2000 Delivered-To: freebsd-questions@freebsd.org Received: from www.ozler.com (asy127.as49.sol.superonline.com [212.252.49.127]) by hub.freebsd.org (Postfix) with ESMTP id 105F037B9FB for ; Tue, 11 Apr 2000 05:36:49 -0700 (PDT) (envelope-from ertank@ozlerplastik.com) Received: from ozlerplastik.com ([192.168.0.205]) by www.ozler.com (8.9.3/8.9.3) with ESMTP id PAA92450; Tue, 11 Apr 2000 15:37:10 +0300 (EEST) (envelope-from ertank@ozlerplastik.com) Message-ID: <38F31A06.42C82F71@ozlerplastik.com> Date: Tue, 11 Apr 2000 15:26:46 +0300 From: Ertan Kucukoglu X-Mailer: Mozilla 4.7 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: Mike Tancsa Cc: questions@freebsd.org Subject: Re: can't run squid with leased line (was: Re: Leased line and routing problems) References: <38f28982.520935525@mail.sentex.net> <4.2.2.20000411071710.0527ba58@mail.sentex.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Mike Tancsa wrote: > > At 08:50 AM 4/11/2000 +0300, Ertan Kucukoglu wrote: > >I've setup squid on this machine, but squid also have problems. It does not > >give any data to clients. Also there is no log entry. > > Squid is usually quite verbose. You looked at /usr/local/squid/logs ? The > things that people typically forget are squid -z (to initialize the cache) > and adjusting the ACLs in /usr/local/etc/squid/squid.conf First, I want to give the happy news. At last I setup my leased line settings. Thanks to everyone. Now, clients are surfing on the internet :) If someone tries to setup two ethernet leased line box. Thinks to do is: Compile your kernel with below options enabled: options IPFIREWALL options IPDIVERT in /etc/rc.conf file do following settings: gateway_enable="YES" firewall_enable="YES" # Set to YES to enable firewall funct. # You may change this option as required firewall_type="OPEN" # Firewall type (see /etc/rc.firewall) natd_enable="YES" # Enable natd (if firewall_enable == YES). # Name of ethernet connected to router natd_interface="xl1" # Public interface or IPaddress to use. natd_flags="-f /etc/natd.conf" # Additional flags for natd. defaultrouter="195.33.200.145" # Your routers IP in /etc/natd.conf put following lines: # 192.168.1.128 will be your local IP number # for sending mail redirect_port tcp 192.168.1.128:25 25 # for pop style mail reciving redirect_port tcp 192.168.1.128:110: 110 # for http connections redirect_port tcp 192.168.1.128:80 80 # for ftp connection redirect_port tcp 192.168.1.128:21 21 # for telnetting redirect_port tcp 192.168.1.128:23 23 # for imap style mail reciving redirect_port tcp 192.168.1.128:143 143 After above settings your leased line should run. Of course you should set your clients default gateway to your FreeBSD machines local ip number. > > > > You probably dont need routed for such a simple network. > >Just tried it. Didn't work. > > It will not fix your problem. It will just simplify things and potentially > avoid other problems. > > ---Mike Now, about my squid problem... My squid configuration is OK. Squid runs normally. Just it doesn't allow me to use it. I mean squid runs normally, my acls are Ok but, squid returns me an empty page. This is my first time running squid on Leased line. Some squid related configurations and outputs: ----- bash-2.03# cat /squid/etc/squid.conf # 200MB is just for trying squid. It will be greater in the future cache_dir ufs /usr/squid/cache 200 16 256 cache_access_log /usr/squid/logs/access.log cache_log /usr/squid/logs/cache.log #cache_store_log /usr/squid/logs/store.log cache_effective_user squid cache_effective_group squid_group acl allowed1 src 192.168.1.1-192.168.1.254 #acl allowed2 src 212.252.49.127 acl all src 0.0.0.0/0.0.0.0 http_access allow allowed1 #http_access allow allowed2 http_access deny all ----- bash-2.03# ps ax|grep squid 197 ?? Is 0:00.01 /squid/bin/squid 199 ?? S 0:01.34 (squid) (squid) 332 p0 DL+ 0:00.02 grep squid ----- bash-2.03# cat /squid/logs/squid.pid 199 ----- bash-2.03# cat /squid/logs/access.log 955196134.246 78 212.252.71.25 TCP_DENIED/403 1027 GET http://www.ozlerplastik.com/ - NONE/- - 955350884.762 47 212.252.55.1 TCP_DENIED/403 1027 GET http://www.ozlerplastik.com/ - NONE/- - 955352448.252 141 212.252.55.1 TCP_MISS/404 492 GET http://192.168.1.152/~cc/index.html - DIRECT/192.168.1.152 text/html 955352507.098 1757 212.252.55.1 TCP_MISS/000 20527 GET http://192.168.1.152/~cc/ehad/index.html - DIRECT/192.168.1.152 - 955352511.441 3425 212.252.55.1 TCP_HIT/200 33920 GET http://192.168.1.152/~cc/ehad/index.html - NONE/- text/html 955352522.827 66 212.252.55.1 TCP_MISS/200 3831 GET http://192.168.1.152/~cc/ehad/POSTA2.gif - DIRECT/192.168.1.152 image/gif 955428721.925 120 212.252.54.101 TCP_DENIED/403 1027 GET http://www.ozlerplastik.com/ - NONE/- - 955436820.375 61 212.252.49.127 TCP_DENIED/403 1027 GET http://www.ozlerplastik.com/ - NONE/- - bash-2.03# ----- Related part of cache.log: 2000/04/11 12:53:33| Process ID 199 2000/04/11 12:53:33| With 2056 file descriptors available 2000/04/11 12:53:33| Performing DNS Tests... 2000/04/11 12:53:33| Successful DNS name lookup tests... 2000/04/11 12:53:33| DNS Socket created on FD 1 2000/04/11 12:53:33| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2000/04/11 12:53:33| Unlinkd pipe opened on FD 6 2000/04/11 12:53:33| Swap maxSize 204800 KB, estimated 15753 objects 2000/04/11 12:53:33| Target number of buckets: 315 2000/04/11 12:53:33| Using 8192 Store buckets 2000/04/11 12:53:33| Max Mem size: 8192 KB 2000/04/11 12:53:33| Max Swap size: 204800 KB 2000/04/11 12:53:33| Rebuilding storage in /usr/squid/cache (CLEAN) 2000/04/11 12:53:33| Set Current Directory to /usr/squid/cache 2000/04/11 12:53:33| Loaded Icons. 2000/04/11 12:53:33| Accepting HTTP connections at 0.0.0.0, port 3128, FD 8. 2000/04/11 12:53:33| Accepting ICP messages at 0.0.0.0, port 3130, FD 9. 2000/04/11 12:53:33| WCCP Disabled. 2000/04/11 12:53:33| Ready to serve requests. 2000/04/11 12:53:33| Done reading /usr/squid/cache swaplog (2 entries) 2000/04/11 12:53:33| Finished rebuilding storage from disk. 2000/04/11 12:53:33| 2 Entries scanned 2000/04/11 12:53:33| 0 Invalid entries. 2000/04/11 12:53:33| 0 With invalid flags. 2000/04/11 12:53:33| 2 Objects loaded. 2000/04/11 12:53:33| 0 Objects expired. 2000/04/11 12:53:33| 0 Objects cancelled. 2000/04/11 12:53:33| 0 Duplicate URLs purged. 2000/04/11 12:53:33| 0 Swapfile clashes avoided. 2000/04/11 12:53:33| Took 0.0 seconds ( 2.0 objects/sec). 2000/04/11 12:53:33| Beginning Validation Procedure 2000/04/11 12:53:36| Completed Validation Procedure 2000/04/11 12:53:36| Validated 2 Entries 2000/04/11 12:53:36| store_swap_size = 59k 2000/04/11 12:53:36| storeLateRelease: released 0 objects ----- (not needed exactly, but included) bash-2.03# ps ax|grep named 108 ?? Is 0:00.20 named bash-2.03# ----- End Of configurations and outputs ----- Sorry for the slightly big mail. Best Regards, -- Ertan Kucukoglu ertank@ozlerplastik.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message