-
squid nao levanta...
ola linuxers , estou tendo um problema com o squid , instalei ele em meu redhat 7.1 , peguei o na paguina oficial squid-2.5.stable3-20030614.tar.gz
, como tinha visto uma materia aqui no underlinux falando de como instalar e configurar o squid , resolvi meter a cara.
obtive alguns problemas na instalacao , como ele nao achar o meu dominio , só que sempre ele foi me indicando a linha de onde estava errado.
squid.conf
entao fui arrumando (acho) , pois hoje eu dou um ./squid e ele nao me mostra + nenhum erro , + tem um problema , quando dou um ps-aux ele nao esta rodando.
dou um netstat-na ele tambem nao abre a porta 3128.
tento dar um telnet ou algo do tipo na porta ele me recusa.
nao sei oq pode ser , acho que deve ser algo na conf do squid.
assim vou passar meu squid.conf
é bem longo + por via das duvidas vou manda-lo inteiro
antes vou passar algumas informacoes , minha rede se chama zion , minha rede é classe 192.168.0.0
uso varios outros servicos alem do squid , como samba blabablab
tambem compartilho minha internet com regra de iptables.
tenho firewall , e nele a porta 3128 esta aceitando conexao , e pode ser aberta.
ai vai a conf do squid
# welcome to squid 2
# ------------------
#
# this is the default squid configuration file. you may wish
# to look at the squid home page (http://www.squid-cache.org/)
# for the faq and other documentation.
#
# the default squid config file shows what the defaults for
# various options happen to be. if you don´t need to change the
# default, you shouldn´t uncomment the line. doing so may cause
# run-time problems. in some cases "none" refers to no default
# setting at all, while in other cases it refers to a valid
# option - the comments for that keyword indicate if this is the
# case.
#
# network options
# -----------------------------------------------------------------------------
# tag: http_port
# usage: port
# hostname<img src="images/forum/icons/icon_razz.gif">ort
# 1.2.3.4<img src="images/forum/icons/icon_razz.gif">ort
#
# the socket addresses where squid will listen for http client
# requests. you may specify multiple socket addresses.
# there are three forms: port alone, hostname with port, and
# ip address with port. if you specify a hostname or ip
# address, then squid binds the socket to that specific
# address. this replaces the old ´tcp_incoming_address´
# option. most likely, you do not need to bind to a specific
# address, so you can use the port number alone.
#
# the default port number is 3128.
#
# if you are running squid in accelerator mode, then you
# probably want to listen on port 80 also, or instead.
#
# the -a command line option will override the *first* port
# number listed here. that option will not override an ip
# address, however.
#
# you may specify multiple socket addresses on multiple lines.
#
# if you run squid on a dual-homed machine with an internal
# and an external interface then we recommend you to specify the
# internal address<img src="images/forum/icons/icon_razz.gif">ort in http_port. this way squid will only be
# visible on the internal address.
#
#default:
http_port 3128
# tag: https_port
# note: this option is only available if squid is rebuilt with the
# --enable-ssl option
#
# usage: [ip:]port cert=certificate.pem [key=key.pem] [options...]
#
# the socket address where squid will listen for https client
# requests.
#
# this is really only useful for situations where you are running
# squid in accelerator mode and you want to do the ssl work at the
# accelerator level.
#
# you may specify multiple socket addresses on multiple lines,
# each with their own ssl certificate and/or options.
#
# options:
#
# cert= path to ssl certificate (pem format)
#
# key= path to ssl private key file (pem format)
# if not specified, the certificate file is
# assumed to be a combined certificate and
# key file
#
# version= the version of ssl/tls supported
# 1 automatic (default)
# 2 sslv2 only
# 3 sslv3 only
# 4 tlsv1 only
#
# cipher= colon separated list of supported ciphers
#
# options= varions ssl engine options. the most important
# being:
# no_sslv2 disallow the use of sslv2
# no_sslv3 disallow the use of sslv3
# no_tlsv1 disallow the use of tlsv1
# see src/ssl_support.c or openssl documentation
# for a more complete list.
#
#default:
# none
# tag: ssl_unclean_shutdown
# note: this option is only available if squid is rebuilt with the
# --enable-ssl option
#
# some browsers (especially msie) bugs out on ssl shutdown
# messages.
#
#default:
# ssl_unclean_shutdown off
# tag: icp_port
# the port number where squid sends and receives icp queries to
# and from neighbor caches. default is 3130. to disable use
# "0". may be overridden with -u on the command line.
#
#default:
icp_port 3130
# tag: htcp_port
# note: this option is only available if squid is rebuilt with the
# --enable-htcp option
#
# the port number where squid sends and receives htcp queries to
# and from neighbor caches. default is 4827. to disable use
# "0".
#
#default:
# htcp_port 4827
# tag: mcast_groups
# this tag specifies a list of multicast groups which your server
# should join to receive multicasted icp queries.
#
# note! be very careful what you put here! be sure you
# understand the difference between an icp _query_ and an icp
# _reply_. this option is to be set only if you want to receive
# multicast queries. do not set this option to send multicast
# icp (use cache_peer for that). icp replies are always sent via
# unicast, so this option does not affect whether or not you will
# receive replies from multicast group members.
#
# you must be very careful to not use a multicast address which
# is already in use by another group of caches.
#
# if you are unsure about multicast, please read the multicast
# chapter in the squid faq (http://www.squid-cache.org/faq/).
#
# usage: mcast_groups 239.128.16.128 224.0.1.20
#
# by default, squid doesn´t listen on any multicast groups.
#
#default:
# none
# tag: udp_incoming_address
# tag: udp_outgoing_address
# udp_incoming_address is used for the icp socket receiving packets
# from other caches.
# udp_outgoing_address is used for icp packets sent out to other
# caches.
#
# the default behavior is to not bind to any specific address.
#
# a udp_incoming_address value of 0.0.0.0 indicates that squid should
# listen for udp messages on all available interfaces.
#
# if udp_outgoing_address is set to 255.255.255.255 (the default)
# then it will use the same socket as udp_incoming_address. only
# change this if you want to have icp queries sent using another
# address than where this squid listens for icp queries from other
# caches.
#
# note, udp_incoming_address and udp_outgoing_address can not
# have the same value since they both use port 3130.
#
#default:
# udp_incoming_address 0.0.0.0
# udp_outgoing_address 255.255.255.255
# options which affect the neighbor selection algorithm
# -----------------------------------------------------------------------------
# tag: cache_peer
# to specify other caches in a hierarchy, use the format:
#
# cache_peer hostname type http_port icp_port
#
# for example,
#
# # proxy icp
# # hostname type port port options
# # -------------------- -------- ----- ----- -----------
# cache_peer parent.foo.net parent 3128 3130 [proxy-only]
# cache_peer sib1.foo.net sibling 3128 3130 [proxy-only]
# cache_peer sib2.foo.net sibling 3128 3130 [proxy-only]
#
# type: either ´parent´, ´sibling´, or ´multicast´.
#
# proxy_port: the port number where the cache listens for proxy
# requests.
#
# icp_port: used for querying neighbor caches about
# objects. to have a non-icp neighbor
# specify ´7´ for the icp port and make sure the
# neighbor machine has the udp echo port
# enabled in its /etc/inetd.conf file.
#
# options: proxy-only
# weight=n
# ttl=n
# no-query
# default
# round-robin
# multicast-responder
# closest-only
# no-digest
# no-netdb-exchange
# no-delay
# login=user<img src="images/forum/icons/icon_razz.gif">assword | pass | *<img src="images/forum/icons/icon_razz.gif">assword
# connect-timeout=nn
# digest-url=url
# allow-miss
# max-conn
# htcp
# carp-load-factor
#
# use ´proxy-only´ to specify that objects fetched
# from this cache should not be saved locally.
#
# use ´weight=n´ to specify a weighted parent.
# the weight must be an integer. the default weight
# is 1, larger weights are favored more.
#
# use ´ttl=n´ to specify a ip multicast ttl to use
# when sending an icp queries to this address.
# only useful when sending to a multicast group.
# because we don´t accept icp replies from random
# hosts, you must configure other group members as
# peers with the ´multicast-responder´ option below.
#
# use ´no-query´ to not send icp queries to this
# neighbor.
#
# use ´default´ if this is a parent cache which can
# be used as a "last-resort." you should probably
# only use ´default´ in situations where you cannot
# use icp with your parent cache(s).
#
# use ´round-robin´ to define a set of parents which
# should be used in a round-robin fashion in the
# absence of any icp queries.
#
# ´multicast-responder´ indicates that the named peer
# is a member of a multicast group. icp queries will
# not be sent directly to the peer, but icp replies
# will be accepted from it.
#
# ´closest-only´ indicates that, for icp_op_miss
# replies, we´ll only forward closest_parent_misses
# and never first_parent_misses.
#
# use ´no-digest´ to not request cache digests from
# this neighbor.
#
# ´no-netdb-exchange´ disables requesting icmp
# rtt database (netdb) from the neighbor.
#
# use ´no-delay´ to prevent access to this neighbor
# from influencing the delay pools.
#
# use ´login=user<img src="images/forum/icons/icon_razz.gif">assword´ if this is a personal/workgroup
# proxy and your parent requires proxy authentication.
# note: the string can include url escapes (i.e. %20 for
# spaces). this also means that % must be written as %%.
#
# use ´login=pass´ if users must authenticate against
# the upstream proxy. this will pass the users credentials
# as they are to the peer proxy. this only works for the
# basic http authentication sheme. note: to combine this
# with proxy_auth both proxies must share the same user
# database as http only allows for one proxy login.
# also be warned that this will expose your users proxy
# password to the peer. use with caution
#
# use ´login=*<img src="images/forum/icons/icon_razz.gif">assword´ to pass the username to the
# upstream cache, but with a fixed password. this is meant
# to be used when the peer is in another administrative
# domain, but it is still needed to identify each user.
# the star can optionally be followed by some extra
# information which is added to the username. this can
# be used to identify this proxy to the peer, similar to
# the login=username<img src="images/forum/icons/icon_razz.gif">assword option above.
#
# use ´connect-timeout=nn´ to specify a peer
# specific connect timeout (also see the
# peer_connect_timeout directive)
#
# use ´digest-url=url´ to tell squid to fetch the cache
# digest (if digests are enabled) for this host from
# the specified url rather than the squid default
# location.
#
# use ´allow-miss´ to disable squid´s use of only-if-cached
# when forwarding requests to siblings. this is primarily
# useful when icp_hit_stale is used by the sibling. to
# extensive use of this option may result in forwarding
# loops, and you should avoid having two-way peerings
# with this option. (for example to deny peer usage on
# requests from peer by denying cache_peer_access if the
# source is a peer)
#
# use ´max-conn´ to limit the amount of connections squid
# may open to this peer.
#
# use ´htcp´ to send htcp, instead of icp, queries
# to the neighbor. you probably also want to
# set the "icp port" to 4827 instead of 3130.
#
# use ´carp-load-factor=f´ to define a parent
# cache as one participating in a carp array.
# the ´f´ values for all carp parents must add
# up to 1.0.
#
#
# note: non-icp/htcp neighbors must be specified as ´parent´.
#
#default:
# none
# tag: cache_peer_domain
# use to limit the domains for which a neighbor cache will be
# queried. usage:
#
# cache_peer_domain cache-host domain [domain ...]
# cache_peer_domain cache-host !domain
#
# for example, specifying
#
# cache_peer_domain parent.foo.net .edu
#
# has the effect such that udp query packets are sent to
# ´bigserver´ only when the requested object exists on a
# server in the .edu domain. prefixing the domainname
# with ´!´ means that the cache will be queried for objects
# not in that domain.
#
# note: * any number of domains may be given for a cache-host,
# either on the same or separate lines.
# * when multiple domains are given for a particular
# cache-host, the first matched domain is applied.
# * cache hosts with no domain restrictions are queried
# for all requests.
# * there are no defaults.
# * there is also a ´cache_peer_access´ tag in the acl
# section.
#
#default:
# none
# tag: neighbor_type_domain
# usage: neighbor_type_domain parent|sibling domain domain ...
#
# modifying the neighbor type for specific domains is now
# possible. you can treat some domains differently than the the
# default neighbor type specified on the ´cache_peer´ line.
# normally it should only be necessary to list domains which
# should be treated differently because the default neighbor type
# applies for hostnames which do not match domains listed here.
#
#example:
# cache_peer parent cache.foo.org 3128 3130
# neighbor_type_domain cache.foo.org sibling .com .net
# neighbor_type_domain cache.foo.org sibling .au .de
#
#default:
# none
# tag: icp_query_timeout (msec)
# normally squid will automatically determine an optimal icp
# query timeout value based on the round-trip-time of recent icp
# queries. if you want to override the value determined by
# squid, set this ´icp_query_timeout´ to a non-zero value. this
# value is specified in milliseconds, so, to use a 2-second
# timeout (the old default), you would write:
#
# icp_query_timeout 2000
#
#default:
# icp_query_timeout 0
# tag: maximum_icp_query_timeout (msec)
# normally the icp query timeout is determined dynamically. but
# sometimes it can lead to very large values (say 5 seconds).
# use this option to put an upper limit on the dynamic timeout
# value. do not use this option to always use a fixed (instead
# of a dynamic) timeout value. to set a fixed timeout see the
# ´icp_query_timeout´ directive.
#
#default:
# maximum_icp_query_timeout 2000
# tag: mcast_icp_query_timeout (msec)
# for multicast peers, squid regularly sends out icp "probes" to
# count how many other peers are listening on the given multicast
# address. this value specifies how long squid should wait to
# count all the replies. the default is 2000 msec, or 2
# seconds.
#
#default:
# mcast_icp_query_timeout 2000
# tag: dead_peer_timeout (seconds)
# this controls how long squid waits to declare a peer cache
# as "dead." if there are no icp replies received in this
# amount of time, squid will declare the peer dead and not
# expect to receive any further icp replies. however, it
# continues to send icp queries, and will mark the peer as
# alive upon receipt of the first subsequent icp reply.
#
# this timeout also affects when squid expects to receive icp
# replies from peers. if more than ´dead_peer´ seconds have
# passed since the last icp reply was received, squid will not
# expect to receive an icp reply on the next query. thus, if
# your time between requests is greater than this timeout, you
# will see a lot of requests sent direct to origin servers
# instead of to your parents.
#
#default:
# dead_peer_timeout 10 seconds
# tag: hierarchy_stoplist
# a list of words which, if found in a url, cause the object to
# be handled directly by this cache. in other words, use this
# to not query neighbor caches for certain objects. you may
# list this option multiple times.
#we recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?
# tag: no_cache
# a list of acl elements which, if matched, cause the request to
# not be satisfied from the cache and the reply to not be cached.
# in other words, use this to force certain objects to never be cached.
#
# you must use the word ´deny´ to indicate the acl names which should
# not be cached.
#
#we recommend you to use the following two lines.
acl query urlpath_regex cgi-bin \?
no_cache deny query
# options which affect the cache size
# -----------------------------------------------------------------------------
# tag: cache_mem (bytes)
# note: this parameter does not specify the maximum process size.
# it only places a limit on how much additional memory squid will
# use as a memory cache of objects. squid uses memory for other
# things as well. see the squid faq section 8 for details.
#
# ´cache_mem´ specifies the ideal amount of memory to be used
# for:
# * in-transit objects
# * hot objects
# * negative-cached objects
#
# data for these objects are stored in 4 kb blocks. this
# parameter specifies the ideal upper limit on the total size of
# 4 kb blocks allocated. in-transit objects take the highest
# priority.
#
# in-transit objects have priority over the others. when
# additional space is needed for incoming data, negative-cached
# and hot objects will be released. in other words, the
# negative-cached and hot objects will fill up any unused space
# not needed for in-transit objects.
#
# if circumstances require, this limit will be exceeded.
# specifically, if your incoming request rate requires more than
# ´cache_mem´ of memory to hold in-transit objects, squid will
# exceed this limit to satisfy the new requests. when the load
# decreases, blocks will be freed until the high-water mark is
# reached. thereafter, blocks will be used to store hot
# objects.
#
#default:
cache_mem 16 mb
# tag: cache_swap_low (percent, 0-100)
# tag: cache_swap_high (percent, 0-100)
#
# the low- and high-water marks for cache object replacement.
# replacement begins when the swap (disk) usage is above the
# low-water mark and attempts to maintain utilization near the
# low-water mark. as swap utilization gets close to high-water
# mark object eviction becomes more aggressive. if utilization is
# close to the low-water mark less replacement is done each time.
#
# defaults are 90% and 95%. if you have a large cache, 5% could be
# hundreds of mb. if this is the case you may wish to set these
# numbers closer together.
#
#default:
# cache_swap_low 90
# cache_swap_high 95
# tag: maximum_object_size (bytes)
# objects larger than this size will not be saved on disk. the
# value is specified in kilobytes, and the default is 4mb. if
# you wish to get a high bytes hit ratio, you should probably
# increase this (one 32 mb object hit counts for 3200 10kb
# hits). if you wish to increase speed more than your want to
# save bandwidth you should leave this low.
#
# note: if using the lfuda replacement policy you should increase
# this value to maximize the byte hit rate improvement of lfuda!
# see replacement_policy below for a discussion of this policy.
#
#default:
maximum_object_size 20948 kb
# tag: minimum_object_size (bytes)
# objects smaller than this size will not be saved on disk. the
# value is specified in kilobytes, and the default is 0 kb, which
# means there is no minimum.
#
#default:
# minimum_object_size 0 kb
# tag: maximum_object_size_in_memory (bytes)
# objects greater than this size will not be attempted to kept in
# the memory cache. this should be set high enough to keep objects
# accessed frequently in memory to improve performance whilst low
# enough to keep larger objects from hoarding cache_mem .
#
#default:
# maximum_object_size_in_memory 8 kb
# tag: ipcache_size (number of entries)
# tag: ipcache_low (percent)
# tag: ipcache_high (percent)
# the size, low-, and high-water marks for the ip cache.
#
#default:
# ipcache_size 1024
# ipcache_low 90
# ipcache_high 95
# tag: fqdncache_size (number of entries)
# maximum number of fqdn cache entries.
#
#default:
# fqdncache_size 1024
# tag: cache_replacement_policy
# the cache replacement policy parameter determines which
# objects are evicted (replaced) when disk space is needed.
#
# lru : squid´s original list based lru policy
# heap gdsf : greedy-dual size frequency
# heap lfuda: least frequently used with dynamic aging
# heap lru : lru policy implemented using a heap
#
# applies to any cache_dir lines listed below this.
#
# the lru policies keeps recently referenced objects.
#
# the heap gdsf policy optimizes object hit rate by keeping smaller
# popular objects in cache so it has a better chance of getting a
# hit. it achieves a lower byte hit rate than lfuda though since
# it evicts larger (possibly popular) objects.
#
# the heap lfuda policy keeps popular objects in cache regardless of
# their size and thus optimizes byte hit rate at the expense of
# hit rate since one large, popular object will prevent many
# smaller, slightly less popular objects from being cached.
#
# both policies utilize a dynamic aging mechanism that prevents
# cache pollution that can otherwise occur with frequency-based
# replacement policies.
#
# note: if using the lfuda replacement policy you should increase
# the value of maximum_object_size above its default of 4096 kb to
# to maximize the potential byte hit rate improvement of lfuda.
#
# for more information about the gdsf and lfuda cache replacement
# policies see http://www.hpl.hp.com/techreports/1999/hpl-1999-69.html
# and http://fog.hpl.external.hp.com/techreports/98/hpl-98-173.html.
#
#default:
# cache_replacement_policy lru
# tag: memory_replacement_policy
# the memory replacement policy parameter determines which
# objects are purged from memory when memory space is needed.
#
# see cache_replacement_policy for details.
#
#default:
# memory_replacement_policy lru
# logfile pathnames and cache directories
# -----------------------------------------------------------------------------
# tag: cache_dir
# usage:
#
# cache_dir type directory-name fs-specific-data [options]
#
# you can specify multiple cache_dir lines to spread the
# cache among different disk partitions.
#
# type specifies the kind of storage system to use. only "ufs"
# is built by default. to eanble any of the other storage systems
# see the --enable-storeio configure option.
#
# ´directory´ is a top-level directory where cache swap
# files will be stored. if you want to use an entire disk
# for caching, then this can be the mount-point directory.
# the directory must exist and be writable by the squid
# process. squid will not create this directory for you.
#
# the ufs store type:
#
# "ufs" is the old well-known squid storage format that has always
# been there.
#
# cache_dir ufs directory-name mbytes l1 l2 [options]
#
# ´mbytes´ is the amount of disk space (mb) to use under this
# directory. the default is 100 mb. change this to suit your
# configuration. do not put the size of your disk drive here.
# instead, if you want squid to use the entire disk drive,
# subtract 20% and use that value.
#
# ´level-1´ is the number of first-level subdirectories which
# will be created under the ´directory´. the default is 16.
#
# ´level-2´ is the number of second-level subdirectories which
# will be created under each first-level directory. the default
# is 256.
#
# the aufs store type:
#
# "aufs" uses the same storage format as "ufs", utilizing
# posix-threads to avoid blocking the main squid process on
# disk-i/o. this was formerly known in squid as async-io.
#
# cache_dir aufs directory-name mbytes l1 l2 [options]
#
# see argument descriptions under ufs above
#
# the diskd store type:
#
# "diskd" uses the same storage format as "ufs", utilizing a
# separate process to avoid blocking the main squid process on
# disk-i/o.
#
# cache_dir diskd directory-name mbytes l1 l2 [options] [q1=n] [q2=n]
#
# see argument descriptions under ufs above
#
# q1 specifies the number of unacknowledged i/o requests when squid
# stops opening new files. if this many messages are in the queues,
# squid won´t open new files. default is 64
#
# q2 specifies the number of unacknowledged messages when squid
# starts blocking. if this many messages are in the queues,
# squid blocks until it recevies some replies. default is 72
#
# common options:
#
# read-only, this cache_dir is read only.
#
# max-size=n, refers to the max object size this storedir supports.
# it is used to initially choose the storedir to dump the object.
# note: to make optimal use of the max-size limits you should order
# the cache_dir lines with the smallest max-size value first and the
# ones with no max-size specification last.
#
#default:
cache_dir diskd /usr/local/squid/var/cache 256 16 256 q1=64 q2=72
# tag: cache_access_log
# logs the client request activity. contains an entry for
# every http and icp queries received. to disable, enter "none".
#
#default:
# cache_access_log /usr/local/squid/var/logs/access.log
# tag: cache_log
# cache logging file. this is where general information about
# your cache´s behavior goes. you can increase the amount of data
# logged to this file with the "debug_options" tag below.
#
#default:
# cache_log /usr/local/squid/var/logs/cache.log
# tag: cache_store_log
# logs the activities of the storage manager. shows which
# objects are ejected from the cache, and which objects are
# saved and for how long. to disable, enter "none". there are
# not really utilities to analyze this data, so you can safely
# disable it.
#
#default:
# cache_store_log /usr/local/squid/var/logs/store.log
# tag: cache_swap_log
# location for the cache "swap.log." this log file holds the
# metadata of objects saved on disk. it is used to rebuild the
# cache during startup. normally this file resides in each
# ´cache_dir´ directory, but you may specify an alternate
# pathname here. note you must give a full filename, not just
# a directory. since this is the index for the whole object
# list you cannot periodically rotate it!
#
# if %s can be used in the file name then it will be replaced with a
# a representation of the cache_dir name where each / is replaced
# with ´.´. this is needed to allow adding/removing cache_dir
# lines when cache_swap_log is being used.
#
# if have more than one ´cache_dir´, and %s is not used in the name
# then these swap logs will have names such as:
#
# cache_swap_log.00
# cache_swap_log.01
# cache_swap_log.02
#
# the numbered extension (which is added automatically)
# corresponds to the order of the ´cache_dir´ lines in this
# configuration file. if you change the order of the ´cache_dir´
# lines in this file, then these log files will not correspond to
# the correct ´cache_dir´ entry (unless you manually rename
# them). we recommend that you do not use this option. it is
# better to keep these log files in each ´cache_dir´ directory.
#
#default:
# none
# tag: emulate_httpd_log on|off
# the cache can emulate the log file format which many ´httpd´
# programs use. to disable/enable this emulation, set
# emulate_httpd_log to ´off´ or ´on´. the default
# is to use the native log format since it includes useful
# information that squid-specific log analyzers use.
#
#default:
emulate_httpd_log on
# tag: log_ip_on_direct on|off
# log the destination ip address in the hierarchy log tag when going
# direct. earlier squid versions logged the hostname here. if you
# prefer the old way set this to off.
#
#default:
# log_ip_on_direct on
# tag: mime_table
# pathname to squid´s mime table. you shouldn´t need to change
# this, but the default file contains examples and formatting
# information if you do.
#
#default:
# mime_table /usr/local/squid/etc/mime.conf
# tag: log_mime_hdrs on|off
# the cache can record both the request and the response mime
# headers for each http transaction. the headers are encoded
# safely and will appear as two bracketed fields at the end of
# the access log (for either the native or httpd-emulated log
# formats). to enable this logging set log_mime_hdrs to ´on´.
#
#default:
# log_mime_hdrs off
# tag: useragent_log
# note: this option is only available if squid is rebuilt with the
# --enable-useragent-log option
#
# squid will write the user-agent field from http requests
# to the filename specified here. by default useragent_log
# is disabled.
#
#default:
# none
# tag: referer_log
# note: this option is only available if squid is rebuilt with the
# --enable-referer-log option
#
# squid will write the referer field from http requests to the
# filename specified here. by default referer_log is disabled.
#
#default:
# none
# tag: pid_filename
# a filename to write the process-id to. to disable, enter "none".
#
#default:
# pid_filename /usr/local/squid/var/logs/squid.pid
# tag: debug_options
# logging options are set as section,level where each source file
# is assigned a unique section. lower levels result in less
# output, full debugging (level 9) can result in a very large
# log file, so be careful. the magic word "all" sets debugging
# levels for all sections. we recommend normally running with
# "all,1".
#
#default:
# debug_options all,1
# tag: log_fqdn on|off
# turn this on if you wish to log fully qualified domain names
# in the access.log. to do this squid does a dns lookup of all
# ip´s connecting to it. this can (in some situations) increase
# latency, which makes your cache seem slower for interactive
# browsing.
#
#default:
# log_fqdn off
# tag: client_netmask
# a netmask for client addresses in logfiles and cachemgr output.
# change this to protect the privacy of your cache clients.
# a netmask of 255.255.255.0 will log all ip´s in that range with
# the last digit set to ´0´.
#
#default:
# client_netmask 255.255.255.255
# options for external support programs
# -----------------------------------------------------------------------------
# tag: ftp_user
# if you want the anonymous login password to be more informative
# (and enable the use of picky ftp servers), set this to something
# reasonable for your domain, like [email protected]
#
# the reason why this is domainless by default is that the
# request can be made on the behalf of a user in any domain,
# depending on how the cache is used.
# some ftp server also validate that the email address is valid
# (for example perl.com).
#
#default:
# ftp_user squid@
# tag: ftp_list_width
# sets the width of ftp listings. this should be set to fit in
# the width of a standard browser. setting this too small
# can cut off long filenames when browsing ftp sites.
#
#default:
# ftp_list_width 32
# tag: ftp_passive
# if your firewall does not allow squid to use passive
# connections, then turn off this option.
#
#default:
# ftp_passive on
# tag: ftp_sanitycheck
# for security and data integrity reasons squid by default performs
# sanity checks of the addresses of ftp data connections ensure the
# data connection is to the requested server. if you need to allow
# ftp connections to servers using another ip address for the data
# connection then turn this off.
#
#default:
# ftp_sanitycheck on
# tag: cache_dns_program
# note: this option is only available if squid is rebuilt with the
# --disable-internal-dns option
#
# specify the location of the executable for dnslookup process.
#
#default:
# cache_dns_program /usr/local/squid/libexec/dnsserver
# tag: dns_children
# note: this option is only available if squid is rebuilt with the
# --disable-internal-dns option
#
# the number of processes spawn to service dns name lookups.
# for heavily loaded caches on large servers, you should
# probably increase this value to at least 10. the maximum
# is 32. the default is 5.
#
# you must have at least one dnsserver process.
#
#default:
# dns_children 5
# tag: dns_retransmit_interval
# initial retransmit interval for dns queries. the interval is
# doubled each time all configured dns servers have been tried.
#
#
#default:
# dns_retransmit_interval 5 seconds
# tag: dns_timeout
# dns query timeout. if no response is received to a dns query
# within this time then all dns servers for the queried domain
# is assumed to be unavailable.
#
#default:
# dns_timeout 5 minutes
# tag: dns_defnames on|off
# note: this option is only available if squid is rebuilt with the
# --disable-internal-dns option
#
# normally the ´dnsserver´ disables the res_defnames resolver
# option (see res_init(3)). this prevents caches in a hierarchy
# from interpreting single-component hostnames locally. to allow
# dnsserver to handle single-component names, enable this
# option.
#
#default:
# dns_defnames off
# tag: dns_nameservers
# use this if you want to specify a list of dns name servers
# (ip addresses) to use instead of those given in your
# /etc/resolv.conf file.
# on windows platforms, if no value is specified here or in
# the /etc/resolv.conf file, the list of dns name servers are
# taken from the windows registry, both static and dynamic dhcp
# configurations are supported.
#
# example: dns_nameservers 10.0.0.1 192.172.0.4
#
#default:
# none
# tag: hosts_file
# location of the host-local ip name-address associations
# database. most operating systems have such a file: under
# un*x it´s by default in /etc/hosts ms-windows nt/2000 places
# that in %systemroot%(by default
# c:\winnt)\system32\drivers\etc\hosts, while windows 9x/me
# places that in %windir%(usually c:\windows)\hosts
#
# the file contains newline-separated definitions, in the
# form ip_address_in_dotted_form name [name ...] names are
# whitespace-separated. lines beginnng with an hash (#)
# character are comments.
#
# the file is checked at startup and upon configuration. if
# set to ´none´, it won´t be checked. if append_domain is
# used, that domain will be added to domain-local (i.e. not
# containing any dot character) host definitions.
#
#default:
# hosts_file /etc/hosts
# tag: diskd_program
# specify the location of the diskd executable.
# note that this is only useful if you have compiled in
# diskd as one of the store io modules.
#
#default:
# diskd_program /usr/local/squid/libexec/diskd
# tag: unlinkd_program
# specify the location of the executable for file deletion process.
#
#default:
# unlinkd_program /usr/local/squid/libexec/unlinkd
# tag: pinger_program
# note: this option is only available if squid is rebuilt with the
# --enable-icmp option
#
# specify the location of the executable for the pinger process.
#
#default:
# pinger_program /usr/local/squid/libexec/pinger
# tag: redirect_program
# specify the location of the executable for the url redirector.
# since they can perform almost any function there isn´t one included.
# see the faq (section 15) for information on how to write one.
# by default, a redirector is not used.
#
#default:
# none
# tag: redirect_children
# the number of redirector processes to spawn. if you start
# too few squid will have to wait for them to process a backlog of
# urls, slowing it down. if you start too many they will use ram
# and other system resources.
#
#default:
# redirect_children 5
# tag: redirect_rewrites_host_header
# by default squid rewrites any host: header in redirected
# requests. if you are running an accelerator then this may
# not be a wanted effect of a redirector.
#
#default:
# redirect_rewrites_host_header on
# tag: redirector_access
# if defined, this access list specifies which requests are
# sent to the redirector processes. by default all requests
# are sent.
#
#default:
# none
# tag: auth_param
# this is used to pass parameters to the various authentication
# schemes.
# format: auth_param scheme parameter [setting]
#
# auth_param basic program /usr/local/squid/bin/ncsa_auth /usr/local/squid/etc/passwd
# would tell the basic authentication scheme it´s program parameter.
#
# the order that authentication prompts are presented to the client_agent
# is dependant on the order the scheme first appears in config file.
# ie has a bug (it´s not rfc 2617 compliant) in that it will use the basic
# scheme if basic is the first entry presented, even if more secure schemes
# are presented. for now use the order in the file below. if other browsers
# have difficulties (don´t recognise the schemes offered even if you are using
# basic) then either put basic first, or disable the other schemes (by commenting
# out their program entry).
#
# once an authentication scheme is fully configured, it can only be shutdown
# by shutting squid down and restarting. changes can be made on the fly and
# activated with a reconfigure. i.e. you can change to a different helper,
# but not unconfigure the helper completely.
#
# === parameters for the basic scheme follow. ===
#
# "program" cmdline
# specify the command for the external authenticator. such a
# program reads a line containing "username password" and replies
# "ok" or "err" in an endless loop. if you use an authenticator,
# make sure you have 1 acl of type proxy_auth. by default, the
# basic authentication sheme is not used unless a program is specified.
#
# if you want to use the traditional proxy authentication,
# jump over to the ../auth_modules/ncsa directory and
# type:
# % make
# % make install
#
# then, set this line to something like
#
# auth_param basic program /usr/local/squid/bin/ncsa_auth /usr/local/squid/etc/passwd
#
# "children" numberofchildren
# the number of authenticator processes to spawn (no default).
# if you start too few squid will have to wait for them to
# process a backlog of usercode/password verifications, slowing
# it down. when password verifications are done via a (slow)
# network you are likely to need lots of authenticator
# processes.
# auth_param basic children 5
#
# "realm" realmstring
# specifies the realm name which is to be reported to the
# client for the basic proxy authentication scheme (part of
# the text the user will see when prompted their username and
# password). there is no default.
# auth_param basic realm squid proxy-caching web server
#
# "credentialsttl" timetolive
# specifies how long squid assumes an externally validated
# username<img src="images/forum/icons/icon_razz.gif">assword pair is valid for - in other words how
# often the helper program is called for that user. set this
# low to force revalidation with short lived passwords. note
# that setting this high does not impact your susceptability
# to replay attacks unless you are using an one-time password
# system (such as secureid). if you are using such a system,
# you will be vulnerable to replay attacks unless you also
# use the max_user_ip acl in an http_access rule.
#
# === parameters for the digest scheme follow ===
#
# "program" cmdline
# specify the command for the external authenticator. such
# a program reads a line containing "username":"realm" and
# replies with the appropriate h(a1) value base64 encoded.
# see rfc 2616 for the definition of h(a1). if you use an
# authenticator, make sure you have 1 acl of type proxy_auth.
# by default, authentication is not used.
#
# if you want to use build an authenticator,
# jump over to the ../digest_auth_modules directory and choose the
# authenticator to use. it it´s directory type
# % make
# % make install
#
# then, set this line to something like
#
# auth_param digest program /usr/local/squid/bin/digest_auth_pw /usr/local/squid/etc/digpass
#
#
# "children" numberofchildren
# the number of authenticator processes to spawn (no default).
# if you start too few squid will have to wait for them to
# process a backlog of h(a1) calculations, slowing it down.
# when the h(a1) calculations are done via a (slow) network
# you are likely to need lots of authenticator processes.
# auth_param digest children 5
#
# "realm" realmstring
# specifies the realm name which is to be reported to the
# client for the digest proxy authentication scheme (part of
# the text the user will see when prompted their username and
# password). there is no default.
# auth_param digest realm squid proxy-caching web server
#
# "nonce_garbage_interval" timeinterval
# specifies the interval that nonces that have been issued
# to client_agent´s are checked for validity.
#
# "nonce_max_duration" timeinterval
# specifies the maximum length of time a given nonce will be
# valid for.
#
# "nonce_max_count" number
# specifies the maximum number of times a given nonce can be
# used.
#
# "nonce_strictness" on|off
# determines if squid requires strict increment-by-1 behaviour
# for nonce counts, or just incrementing (off - for use when
# useragents generate nonce counts that occasionally miss 1
# (ie, 1,2,4,6)). default off.
#
# "check_nonce_count" on|off
# this directive if set to off can disable the nonce count check
# completely to work around buggy digest qop implementations in
# certain mainstream browser versions. default on to check the
# nonce count to protect from authentication replay attacks.
#
# "post_workaround" on|off
# this is a workaround to certain buggy browsers who sends
# an incorrect request digest in post requests when reusing
# the same nonce as aquired earlier on a get request.
#
# === ntlm scheme options follow ===
#
# "program" cmdline
# specify the command for the external ntlm authenticator.
# such a program reads a line containing the uuencoded negotiate
# and replies with the ntlm challenge, then waits for the
# response and answers with "ok" or "err" in an endless loop.
# if you use an ntlm authenticator, make sure you have 1 acl
# of type proxy_auth. by default, the ntlm authenticator_program
# is not used.
#
# auth_param ntlm program /usr/local/squid/bin/ntlm_auth
#
# "children" numberofchildren
# the number of authenticator processes to spawn (no default).
# if you start too few squid will have to wait for them to
# process a backlog of credential verifications, slowing it
# down. when crendential verifications are done via a (slow)
# network you are likely to need lots of authenticator
# processes.
# auth_param ntlm children 5
#
# "max_challenge_reuses" number
# the maximum number of times a challenge given by a ntlm
# authentication helper can be reused. increasing this number
# increases your exposure to replay attacks on your network.
# 0 means use the challenge only once. (disable challenge
# caching) see max_ntlm_challenge_lifetime for more information.
# auth_param ntlm max_challenge_reuses 0
#
# "max_challenge_lifetime" timespan
# the maximum time period that a ntlm challenge is reused
# over. the actual period will be the minimum of this time
# and the number of reused challenges.
# auth_param ntlm max_challenge_lifetime 2 minutes
#
#recommended minimum configuration:
#auth_param digest program <uncomment and complete this line>
#auth_param digest children 5
#auth_param digest realm squid proxy-caching web server
#auth_param digest nonce_garbage_interval 5 minutes
#auth_param digest nonce_max_duration 30 minutes
#auth_param digest nonce_max_count 50
#auth_param ntlm program <uncomment and complete this line to activate>
#auth_param ntlm children 5
#auth_param ntlm max_challenge_reuses 0
#auth_param ntlm max_challenge_lifetime 2 minutes
#auth_param basic program <uncomment and complete this line>
auth_param basic children 5
auth_param basic realm squid proxy-caching web server
auth_param basic credentialsttl 2 hours
# tag: authenticate_cache_garbage_interval
# the time period between garbage collection across the
# username cache. this is a tradeoff between memory utilisation
# (long intervals - say 2 days) and cpu (short intervals -
# say 1 minute). only change if you have good reason to.
#
#default:
# authenticate_cache_garbage_interval 1 hour
# tag: authenticate_ttl
# the time a user & their credentials stay in the logged in
# user cache since their last request. when the garbage
# interval passes, all user credentials that have passed their
# ttl are removed from memory.
#
#default:
# authenticate_ttl 1 hour
# tag: authenticate_ip_ttl
# if you use proxy authentication and the ´max_user_ip´ acl,
# this directive controls how long squid remembers the ip
# addresses associated with each user. use a small value
# (e.g., 60 seconds) if your users might change addresses
# quickly, as is the case with dialups. you might be safe
# using a larger value (e.g., 2 hours) in a corporate lan
# environment with relatively static address assignments.
#
#default:
# authenticate_ip_ttl 0 seconds
# tag: external_acl_type
# this option defines external acl classes using a helper program
# to look up the status
#
# external_acl_type name [options] format.. /path/to/helper [helper arguments..]
#
# options:
#
# ttl=n ttl in seconds for cached results (defaults to 3600
# for 1 hour)
# negative_ttl=n
# ttl for cached negative lookups (default same
# as ttl)
# concurrency=n concurrency level / number of processes spawn
# to service external acl lookups of this type.
# cache=n result cache size, 0 is unbounded (default)
#
# format specifications
#
# %login authenticated user login name
# %ident ident user name
# %src client ip
# %dst requested host
# %proto requested protocol
# %port requested port
# %method request method
# %{header} http request header
# %{hdr:member} http request header list member
# %{hdr:;member}
# http request header list member using ; as
# list separator. ; can be any non-alphanumeric
# character.
#
# in addition, any string specified in the referencing acl will
# also be included in the helper request line, after the specified
# formats (see the "acl external" directive)
#
# the helper receives lines per the above format specification,
# and returns lines starting with ok or err indicating the validity
# of the request and optionally followed by additional keywords with
# more details.
#
# general result syntax:
#
# ok/err keyword=value ...
#
# defined keywords:
#
# user= the users name (login)
# error= error description (only defined for err results)
#
# keyword values need to be enclosed in quotes if they may contain
# whitespace, or the whitespace escaped using \. any quotes or \
# characters within the keyword value must be \ escaped.
#
#default:
# none
# options for tuning the cache
# -----------------------------------------------------------------------------
# tag: wais_relay_host
# tag: wais_relay_port
# relay wais request to host (1st arg) at port (2 arg).
#
#default:
# wais_relay_port 0
# tag: request_header_max_size (kb)
# this specifies the maximum size for http headers in a request.
# request headers are usually relatively small (about 512 bytes).
# placing a limit on the request header size will catch certain
# bugs (for example with persistent connections) and possibly
# buffer-overflow or denial-of-service attacks.
#
#default:
# request_header_max_size 10 kb
# tag: request_body_max_size (kb)
# this specifies the maximum size for an http request body.
# in other words, the maximum size of a put/post request.
# a user who attempts to send a request with a body larger
# than this limit receives an "invalid request" error message.
# if you set this parameter to a zero (the default), there will
# be no limit imposed.
#
#default:
# request_body_max_size 0 kb
# tag: refresh_pattern
# usage: refresh_pattern [-i] regex min percent max [options]
#
# by default, regular expressions are case-sensitive. to make
# them case-insensitive, use the -i option.
#
# ´min´ is the time (in minutes) an object without an explicit
# expiry time should be considered fresh. the recommended
# value is 0, any higher values may cause dynamic applications
# to be erroneously cached unless the application designer
# has taken the appropriate actions.
#
# ´percent´ is a percentage of the objects age (time since last
# modification age) an object without explicit expiry time
# will be considered fresh.
#
# ´max´ is an upper limit on how long objects without an explicit
# expiry time will be considered fresh.
#
# options: override-expire
# override-lastmod
# reload-into-ims
# ignore-reload
#
# override-expire enforces min age even if the server
# sent a expires: header. doing this violates the http
# standard. enabling this feature could make you liable
# for problems which it causes.
#
# override-lastmod enforces min age even on objects
# that was modified recently.
#
# reload-into-ims changes client no-cache or ``reload´´
# to if-modified-since requests. doing this violates the
# http standard. enabling this feature could make you
# liable for problems which it causes.
#
# ignore-reload ignores a client no-cache or ``reload´´
# header. doing this violates the http standard. enabling
# this feature could make you liable for problems which
# it causes.
#
# basically a cached object is:
#
# fresh if expires < now, else stale
# stale if age > max
# fresh if lm-factor < percent, else stale
# fresh if age < min
# else stale
#
# the refresh_pattern lines are checked in the order listed here.
# the first entry which matches is used. if none of the entries
# match, then the default will be used.
#
# note, you must uncomment all the default lines if you want
# to change one. the default setting is only active if none is
# used.
#
#suggested default:
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
# tag: quick_abort_min (kb)
# tag: quick_abort_max (kb)
# tag: quick_abort_pct (percent)
# the cache by default continues downloading aborted requests
# which are almost completed (less than 16 kb remaining). this
# may be undesirable on slow (e.g. slip) links and/or very busy
# caches. impatient users may tie up file descriptors and
# bandwidth by repeatedly requesting and immediately aborting
# downloads.
#
# when the user aborts a request, squid will check the
# quick_abort values to the amount of data transfered until
# then.
#
# if the transfer has less than ´quick_abort_min´ kb remaining,
# it will finish the retrieval.
#
# if the transfer has more than ´quick_abort_max´ kb remaining,
# it will abort the retrieval.
#
# if more than ´quick_abort_pct´ of the transfer has completed,
# it will finish the retrieval.
#
# if you do not want any retrieval to continue after the client
# has aborted, set both ´quick_abort_min´ and ´quick_abort_max´
# to ´0 kb´.
#
# if you want retrievals to always continue if they are being
# cached then set ´quick_abort_min´ to ´-1 kb´.
#
#default:
# quick_abort_min 16 kb
# quick_abort_max 16 kb
# quick_abort_pct 95
# tag: negative_ttl time-units
# time-to-live (ttl) for failed requests. certain types of
# failures (such as "connection refused" and "404 not found"<img src="images/forum/icons/icon_wink.gif"> are
# negatively-cached for a configurable amount of time. the
# default is 5 minutes. note that this is different from
# negative caching of dns lookups.
#
#default:
# negative_ttl 5 minutes
# tag: positive_dns_ttl time-units
# time-to-live (ttl) for positive caching of successful dns lookups.
# default is 6 hours (360 minutes). if you want to minimize the
# use of squid´s ipcache, set this to 1, not 0.
#
#default:
# positive_dns_ttl 6 hours
# tag: negative_dns_ttl time-units
# time-to-live (ttl) for negative caching of failed dns lookups.
#
#default:
# negative_dns_ttl 5 minutes
# tag: range_offset_limit (bytes)
# sets a upper limit on how far into the the file a range request
# may be to cause squid to prefetch the whole file. if beyond this
# limit then squid forwards the range request as it is and the result
# is not cached.
#
# this is to stop a far ahead range request (lets say start at 17mb)
# from making squid fetch the whole object up to that point before
# sending anything to the client.
#
# a value of -1 causes squid to always fetch the object from the
# beginning so that it may cache the result. (2.0 style)
#
# a value of 0 causes squid to never fetch more than the
# client requested. (default)
#
#default:
# range_offset_limit 0 kb
# timeouts
# -----------------------------------------------------------------------------
# tag: connect_timeout time-units
# some systems (notably linux) can not be relied upon to properly
# time out connect(2) requests. therefore the squid process
# enforces its own timeout on server connections. this parameter
# specifies how long to wait for the connect to complete. the
# default is two minutes (120 seconds).
#
#default:
# connect_timeout 2 minutes
# tag: peer_connect_timeout time-units
# this parameter specifies how long to wait for a pending tcp
# connection to a peer cache. the default is 30 seconds. you
# may also set different timeout values for individual neighbors
# with the ´connect-timeout´ option on a ´cache_peer´ line.
#
#default:
# peer_connect_timeout 30 seconds
# tag: read_timeout time-units
# the read_timeout is applied on server-side connections. after
# each successful read(), the timeout will be extended by this
# amount. if no data is read again after this amount of time,
# the request is aborted and logged with err_read_timeout. the
# default is 15 minutes.
#
#default:
# read_timeout 15 minutes
# tag: request_timeout
# how long to wait for an http request after initial
# connection establishment.
#
#default:
# request_timeout 5 minutes
# tag: persistent_request_timeout
# how long to wait for the next http request on a persistent
# connection after the previous request completes.
#
#default:
# persistent_request_timeout 1 minute
# tag: client_lifetime time-units
# the maximum amount of time that a client (browser) is allowed to
# remain connected to the cache process. this protects the cache
# from having a lot of sockets (and hence file descriptors) tied up
# in a close_wait state from remote clients that go away without
# properly shutting down (either because of a network failure or
# because of a poor client implementation). the default is one
# day, 1440 minutes.
#
# note: the default value is intended to be much larger than any
# client would ever need to be connected to your cache. you
# should probably change client_lifetime only as a last resort.
# if you seem to have many client connections tying up
# filedescriptors, we recommend first tuning the read_timeout,
# request_timeout, persistent_request_timeout and quick_abort values.
#
#default:
# client_lifetime 1 day
# tag: half_closed_clients
# some clients may shutdown the sending side of their tcp
# connections, while leaving their receiving sides open. sometimes,
# squid can not tell the difference between a half-closed and a
# fully-closed tcp connection. by default, half-closed client
# connections are kept open until a read(2) or write(2) on the
# socket returns an error. change this option to ´off´ and squid
# will immediately close client connections when read(2) returns
# "no more data to read."
#
#default:
# half_closed_clients on
# tag: pconn_timeout
# timeout for idle persistent connections to servers and other
# proxies.
#
#default:
# pconn_timeout 120 seconds
# tag: ident_timeout
# maximum time to wait for ident lookups to complete.
#
# if this is too high, and you enabled ident lookups from untrusted
# users, then you might be susceptible to denial-of-service by having
# many ident requests going at once.
#
#default:
# ident_timeout 10 seconds
# tag: shutdown_lifetime time-units
# when sigterm or sighup is received, the cache is put into
# "shutdown pending" mode until all active sockets are closed.
# this value is the lifetime to set for all open descriptors
# during shutdown mode. any active clients after this many
# seconds will receive a ´timeout´ message.
#
#default:
# shutdown_lifetime 30 seconds
# access controls
# -----------------------------------------------------------------------------
# tag: acl
# defining an access list
#
# acl aclname acltype string1 ...
# acl aclname acltype "file" ...
#
<br
-
squid nao levanta...
não intendo nada de squid...
<IMG SRC="images/forum/icons/icon_cool.gif"> <IMG SRC="images/forum/icons/icon_cool.gif"> <IMG SRC="images/forum/icons/icon_cool.gif">
+ quero passar a entender =]
valew
abracos
-
squid nao levanta...
pq ele nao levanta????
./squid
e ele nada me retorna??????
nem abre nenhum pid =[
HELP!!!
plis help !!!
-
squid nao levanta...
Bem,
Mesmo com o .conf do squid, ainda fica dificil de saber pq o serviço naum sobe.
Para saber com mais detalhes, de uma olhada nos Logs do mesmo...tente rada-lo com as opções de debug, para que qualquer erro, do mais tosco ao mais sutil apareça nos logs. (naum me lembro a sintax, mas tente --help que lah fala...)
Pelo o que você disse, o squid foi pego da pagina oficial, e é a ultima versão. Pelo que vc disse o seu redhat eh "antigo" (sei que isso eh relativo), pode estar ocorrendo algum conflito...Para testar, tente instalar o squid que vem nessa versão da sua distro.
desculpe naum poder ajudar totalmente...qualquer coisa poste aki novamente...
[]s
-
squid nao levanta...
esse pergunta vai para o moderador: tem como pesquisar histórico do fórum? essa pergunta já foi respondida várias vezes.
o squid precisa conseguir resolver nomes via dns. ele vai estar isso toda a vez que for iniciado. você pode resolver isso configurando o resolv.conf com um dns externo, ou configurando um servidor dns (pode ser só de cache) na mesma máquina (seria a opção ideal).