[squid-users] squid unable to start on CentOS 6.5

Derek Cole derek.cole at gmail.com
Mon Dec 29 23:02:32 UTC 2014 

I just wanted to let you know that I got back to look at this problem. I
have tried to uninstall and re-install squid with just default RPM's
squid.conf, and it still will not launch. Tomorrow I am going to try to
install on a fresh VM with the exact same kernel version and see what kind
of results I have.

-Derek

On Mon, Dec 22, 2014 at 7:31 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 23/12/2014 12:42 p.m., Eliezer Croitoru wrote:
> > Well Derek,
> >
> > I must write something "I am amazed!!!" In Step 7 there is a little
> > confusion. The "accel vhost allow-direct" options are not for
> > transparent and\or interception proxy and I am unsure why it
> > works.
>
> It "works" because the traffic syntax for port 80 is accepted by both
> intercept (transparent intercept-proxy) and accel (web server
> reverse-proxy) modes. The "allow-direct" settings then converts the
> reverse-proxy into a highly vulnerable Open Proxy. Plus firewall NAT
> settings diverting all traffic (from both LAN and WAN!)
>
>
>
> Derek, If you got to step 9 then *immediately* go to your firewall
> setup and erase that line containing:
>  -i $ETHERNET_INTERNET -p tcp --dport 80 -j REDIRECT
>
> It is completely needless on WAN interface and should never be used in
> the form shown there. The tutorial Eliezer linked below contains all
> you need for transparent interception.
>
>
>
> > you should use something like: http_port 127.0.0.1:3128 http_port
> > 13128 intercept
>
> nod.
>
> >
> > Instead of what mentioned in the tutorial. I would try to use
> > another tutorial or guide to install squid in transparent mode.
> > Have you tried our wiki? I have found this for you:
> > http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect
> >
> > Else then couple little mistakes(which I will gladly be open to
> > help with) the tutorial looks very good.
> >
> > Try my suggestion and lets see if squid starts up or not.
> >
> > Eliezer
> >
>
> Amos
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
>
> iQEcBAEBAgAGBQJUmLf7AAoJELJo5wb/XPRjd8QIANnGYjuGGzJ1WPvV1oF6BZzO
> 4fxqnJOLDH/M4b6gB+vgRYIkMY1qZTCptC1eE66YvkKGgYYjZEGvbIxyZ3Ql9IEg
> bvm2t3ouJxts4I576275XIj9Tvh7u77ObcD51vPFrOCzjt66UoNBnXlHE2Hm7jfz
> WYTK/oa7AgdYxfsZPZuVLb6m9ClfIzdB+ta3vVBUkfgsgCPkPZdk3O6NRmhnzA56
> sSlCOS43UfXwDsg6F/RwREs5/SruAYa2PTIwhLcHsPmKJiUToH9v/UnGRzGaKiwp
> LsuktdGfkDYl4bsd8FVAwTzev1Lzs97+IokVUGogE20LxWT08DwZEMd7M2SvmtE=
> =UfqC
> -----END PGP SIGNATURE-----
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20141229/19ac74e2/attachment-0001.html>

More information about the squid-users mailing list