squid配置问题

smishlhy

我在使用squid做代理服务器时，文件配置好了却仍然无法代理上网，查看端口已经开启，iptables也已经关闭。请教各位应该如何配置。
squid版本是3.1.4，需要代理的网段为192.168.52.0/24。 以下是我squid.conf文件的配置内容


acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl localhost src ::1/128
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl to_localhost dst ::1/128

acl my_network src 192.168.52.0/24

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7   # RFC 4193 local private network range
acl localnet src fe80::/10  # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

#
# Recommended minimum Access Permission configuration:
#
# Only allow cachemgr access from localhost
http_access allow all
#http_access allow manager localhost
#http_access deny manager

# Deny requests to certain unsafe ports
http_access deny !Safe_ports

# Deny CONNECT to other than secure SSL ports
http_access deny CONNECT !SSL_ports
# We strongly recommend the following be uncommented to protect innocent
# web applications running on the proxy server who think the only
# one who can access services on "localhost" is a local user
#http_access deny to_localhost

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
#http_access deny all

# Squid normally listens to port 3128
http_port 3128
# We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?

# Uncomment and adjust the following to add a disk cache directory.
#cache_dir ufs /var/spool/squid 100 16 256

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

smishlhy

自己顶个，谁能指点下啊，

linblue

回复 1# smishlhy

squid能正常启动嘛？你看squid.conf应该只是普通代理。普通代理的话上网网络连接需要设置。你IE想上网，internet里的连接还需要在‘局域网设置’中的代理服务器上面填上端口跟IP。如果不想手动设置可以修改squid.conf，设置成透明代理。
   

smishlhy

回复 3# linblue
squid可以正常启动 使用nmap对squid服务器扫描显示端口开启squid-http服务 端口为3128 ，浏览器修改过代理服务器配置


   

linblue

回复 4# smishlhy

能正常启动、也关了防火墙应该是没有问题的，查看一下squid的日志文件access.log。看打开时有没有报什么错误。
   

linblue

回复 4# smishlhy

再看一下cache.log文件。

smishlhy

回复 6# linblue
查看了下不知道什么问题access.log的记录居然是空的

以下是cache.log的记录

    2013/09/24 20:18:49| Shutting down...
2013/09/24 20:18:49| basic/auth_basic.cc(97) done: Basic authentication Shutdown
.
2013/09/24 20:18:49| Closing unlinkd pipe on FD 12
2013/09/24 20:18:49| storeDirWriteCleanLogs: Starting...
2013/09/24 20:18:49|   Finished.  Wrote 0 entries.
2013/09/24 20:18:49|   Took 0.00 seconds (  0.00 entries/sec).
CPU Usage: 0.112 seconds = 0.052 user + 0.060 sys
Maximum Resident Size: 39664 KB
Page faults with physical i/o: 0
Memory usage for squid via mallinfo():
        total space in arena:    3212 KB
        Ordinary blocks:         3197 KB      7 blks
        Small blocks:               0 KB      7 blks
        Holding blocks:          1096 KB      4 blks
        Free Small blocks:          0 KB
        Free Ordinary blocks:      14 KB
        Total in use:            4293 KB 134%
        Total free:                15 KB 0%
2013/09/24 20:18:49| Open FD UNSTARTED     7 DNS Socket
2013/09/24 20:18:49| Squid Cache (Version 3.1.4): Exiting normally.
2013/09/24 20:18:56| Creating Swap Directories
2013/09/24 20:19:10| Starting Squid Cache version 3.1.4 for x86_64-redhat-linux-
gnu...
2013/09/24 20:19:10| Process ID 4514
2013/09/24 20:19:10| With 1024 file descriptors available
2013/09/24 20:19:10| Initializing IP Cache...
2013/09/24 20:19:10| DNS Socket created at [::], FD 7
2013/09/24 20:19:10| Adding domain localdomain from /etc/resolv.conf
2013/09/24 20:19:10| Adding domain localdomain from /etc/resolv.conf
2013/09/24 20:19:10| Adding nameserver 192.168.52.2 from /etc/resolv.conf
2013/09/24 20:19:10| User-Agent logging is disabled.
2013/09/24 20:19:10| Referer logging is disabled.
2013/09/24 20:19:10| Unlinkd pipe opened on FD 12
2013/09/24 20:19:10| Local cache digest enabled; rebuild/rewrite every 3600/3600
sec
2013/09/24 20:19:10| Store logging disabled
2013/09/24 20:19:10| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2013/09/24 20:19:10| Target number of buckets: 1008
2013/09/24 20:19:10| Using 8192 Store buckets
2013/09/24 20:19:10| Max Mem  size: 262144 KB
2013/09/24 20:19:10| Max Swap size: 0 KB
2013/09/24 20:19:10| Using Least Load store dir selection
2013/09/24 20:19:10| Set Current Directory to /var/spool/squid
2013/09/24 20:19:10| Loaded Icons.
2013/09/24 20:19:10| Accepting  HTTP connections at [::]:3128, FD 13.
2013/09/24 20:19:10| HTCP Disabled.
2013/09/24 20:19:10| Squid modules loaded: 0
2013/09/24 20:19:10| Adaptation support is off.
2013/09/24 20:19:10| Ready to serve requests.
2013/09/24 20:19:11| storeLateRelease: released 0 objects

linblue

回复 7# smishlhy

你squid安装完后有没有squid -z 初始化创建缓存目录？
   

linblue

回复 7# smishlhy

不太清楚你安装的时候有没有问题，http://blog.sina.com.cn/s/blog_6c764a7b0100sg7u.html
你照着这个网址上面写的，检查squid.conf有没有错误，然后前台启动看是否能启动。最后挂到后台去。再试一次。
还有一点是修改squid权限，通常安装squid要自己创建一个squid的用户。然后修改缓存目录和logs目录的权限为squid。连接里面有相关内容。

linblue

还有。。。你的squid.conf是default的。一般我们不会使用默认的，而是自己手动写一个。建议你手动写一个然后替换现在的conf。然后再squid -k configure 重新加载。