[squid-users] Question on Many Clients to Many Proxy Lists

Wire Cutter wirecutter at shadycloud.com
Fri Nov 30 18:51:45 UTC 2018 

So thats exactly what I did.

#Rules for Peer group - list 1
       cache_peer_access peerA1 allow port_8080
       cache_peer_access peerA2 allow port_8080
       cache_peer_access peerA3 allow port_8080
       cache_peer_access peerA4 allow port_8080

#cache_peer
        cache_peer 192.168.1.2 parent 8800 0 round-robin no-query
name=peerA1
        cache_peer 192.168.2.2 parent 8800 0 round-robin no-query
name=peerA2
        cache_peer 192.168.2.5 parent 8800 0 round-robin no-query
name=peerA3
        cache_peer 192.168.2.6  parent 8800 0 round-robin no-query
name=peerA4

Then this is the error I get when I start the service

Nov 30 18:38:11 ubuntu systemd[1]: Starting LSB: Squid HTTP Proxy version
3.x...
Nov 30 18:38:11 ubuntu squid[13974]: Bungled /etc/squid/squid.conf line
3148: cache_peer_access peerA1 allow port_8080
Nov 30 18:38:11 ubuntu squid[13980]: Bungled /etc/squid/squid.conf line
3148: cache_peer_access peerA1 allow port_8080
Nov 30 18:38:11 ubuntu squid[13957]:  * FATAL: Bungled
/etc/squid/squid.conf line 3148: cache_peer_access peerA1 allow port_8080
Nov 30 18:38:11 ubuntu systemd[1]: squid.service: Control process exited,
code=exited status=3
Nov 30 18:38:11 ubuntu systemd[1]: squid.service: Failed with result
'exit-code'.
Nov 30 18:38:11 ubuntu systemd[1]: Failed to start LSB: Squid HTTP Proxy
version 3.x.



On Thu, Nov 29, 2018 at 10:44 AM Alex Rousskov <
rousskov at measurement-factory.com> wrote:

> On 11/29/18 7:57 AM, Wire Cutter wrote:
>
> > I’ve created 4 ports for clients to talk to, then created ACL lists for
> > those ports.  From there I’ve tried (and failed) to create naming groups
> > for cacheing peers, then added those to ACLs and it fails. Any ideas?
>
> Use cache_peer_access to allow http_port X traffic (and only that
> traffic) to peer group Y:
>
>   # rules for peer group A
>   cache_peer_access peerA1 allow receivedOnPortForPeersA
>   cache_peer_access peerA2 allow receivedOnPortForPeersA
>   cache_peer_access peerA3 allow receivedOnPortForPeersA
>   ...
>   # rules for peer group B
>   cache_peer_access peerB1 allow receivedOnPortForPeersB
>   cache_peer_access peerB2 allow receivedOnPortForPeersB
>   ...
>
>
> Depending on your traffic and needs, you may also need to allow
> non-hierarchical requests to go to peer:
>
>   nonhierarchical_direct off
>
> and/or to prohibit direct connections for portX:
>
>   never_direct allow receivedOnPortForPeersA
>   never_direct allow receivedOnPortForPeersB
>
>
> Once you get this working, please make Squid documentation improvements
> that would have allowed you to figure this out on your own.
>
>
> HTH,
>
> Alex.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>


-- 
_________________________________________________________________________________

This transmission may contain information that is privileged, confidential
and exempt from disclosure under applicable law.  If you are not the
intended recipient, you are hereby notified that any disclosure, copying,
distribution, or use of the information contained herein (including any
reliance thereon) is STRICTLY PROHIBITED.  If you received this
transmission in error, please immediately contact the sender and destroy
the material in its entirety, whether in electronic or hard copy format.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20181130/bd848a29/attachment-0001.html>

More information about the squid-users mailing list