[squid-users] Squid is active but not working

[Antony Stone]

On Monday 16 August 2021 at 18:09:12, Peter Thesing wrote:

> Hi,
> 
> English is not my native tongue so I am sorry for any mistakes that I've
> made or will make in the future.

That's not problem - I just wanted to make sure I understood your meaning 
(which I did).

> Both apache and squid are running of the same machine. This I like to
> call the server.

Sounds good to me.

> Then on another machine, lets call it the client,  there is also
> opensuse 15.1 but with another purpose. When this client is directly
> connected to the internet is cannot connect to the server.

I do not understand that part.  Why can you not have two machines on one 
network which can both connect to the Internet and also connect to each other?

How does each machine connect to the Internet?

> The relevance of apache is that on some mysterious way I would be able
> to check if squid is working but I just installed it and I have to
> figure this one out.

I would suggest that the best way to find out whether Squid is working is 
either to use Squid itself, or to check whether it is listening on port 3128, 
or perhaps even use something like Icinga2 (although that's prbably going a 
bit far just to "find out whether Squid is working").

> DHCP and DNS are working. The client machine gets an IP address from the
> server.

So, the client machien gets an IP address from the server by DHCP, and it gets 
told to ask the server for DNS queries (which the server then performs and 
returns the results)?

> On the second card i have designated an ip address which is 192.168.1.1
> and the range on which the client computers can connect 192.168.1.20
> through 192.168.1.50.

So, it sounds as though you are using the server as a router, with a public 
address on one interface and a private address on the other.  This doesn't 
explain to me why the client cannot access the Internet through the server, 
acting as a router.

> When using squid in firefox it should connect to http://192.168.1.1:3128
> but it does not...

You mean, it does not even connect to the proxy, or it does connect and the 
proxy does not work correctly, so you get no content from Internet websites?

> Question:
> 
> Where are the log files?

Usually, /var/log/squid/*.log

> How do I read the log files?

less?  cat?  vim?  grep?

> What log-files are relevant to answer the mystery of not connecting?

I would start with access.log.

> the firewall is off and stays off. I have only the ports 21, 80 and 443
> open.

Oh, that is far from my definition of "off".  It means your firewall is active, 
and blocking connections other than FTP (why???), HTTP and HTTPS.

Is this firewall running on your "server" or on some modem/router which the 
server uses to connect to the Internet?

If these firewall rules are on your "server", is there a rule allowing the 
client machine/s to connect to Squid on port 3128?

Further questions:

1. How are you testing from the client machine?  What exactly happens when you 
try?

2. What shows up in Squid's access.log when you attempt to connect from the 
client machine?

3. What changes have you made to the default Squid configuration file?

And, while we're at it:

4. Are you trying to implement Squid purely in order to give the client 
machine access to the Internet, simply because otherwise it cannot?  If that 
is the case, why not simply route the client machine through the server so 
that the client can access the Internet directly?


Antony.

-- 
I thought of going into banking, until I lost interest.

                                                   Please reply to the list;
                                                         please *don't* CC me.